Muhammad Khizer Javed
Penetration Tester
Muhammad Khizer Javed
About Me
Hi everyone! My name is Muhammad Khizer Javed. I’m currently working in the cybersecurity sector mainly as a Bug Bounty Hunter and Penetration Tester, performing web/mobile application security assessments and network security assessments.
My goal is to join hands with other hackers in Pakistan and help mentor those with any sort of interest in cybersecurity and help grow our community.
When I’m not hacking, I’m mostly learning as I’m still a student of cybersecurity and in the process of growing and learning. I’m not a student of a university I prefer to learn online via self-placed courses.
I also enjoy playing video games (mainly story-based), reading novels, sleeping, and watching movies/documentaries. I have an interest in digital forensics thus I do learn about it in my free time as a hobby.
- Age26
- ResidenceLahore, Pakistan
- E-mail[email protected]
What I Do
Penetration Testing
Doing web/mobile application security assessments and network security testing.
Bug Bounty Hunting
Doing Bug Bounty Hunting currently ranked on Bugcrowd: #1 Crowdsourced Cybersecurity Platform, and have over 3500 Reputation Points on HackerOne Bug Bounty Platform.
Blogging
I Write blogs on topics related to cybersecurity for clients and for my own blog located at blog.securitybreached.org
CTF Player
I Actively take part in Web and mobile based CTF(Capture the flag) challengees to learn new things and sharpen my skills.
Testimonials
A very important issue found a well-written report and friendly communication too really loved your Well written report.
Great find, incredibly detailed report, and really appreciated the patience and follow-up as we resolved at "corporate speed". Thanks yet again 🙂
"Excellent report writing skills, showcasing train of thought and step-by-step evidence throughout. Thank you!"
Worked with Muhammad Khizer on a couple of projects, Boy has amazing skills in term of Pen-testing assessments.
Muhammad is an ethical and professional researcher who has proactively helped groups across a myriad of industries. His professional bearing and forthcoming nature are to be commended as it was a pleasure to work with him on what are traditionally sensitive subjects for the greater interest of security. Thanks for being a solid pillar in this space Muhammad! We need more researchers like yourself.
I've personally worked with Khizer on different projects, He is a great team member who is actively working in the web application security field. He is also very active in bug bounty programs providing professional and well-written reports which appear to be a result of a very high level of expertise in penetration testing and vulnerability assessment. I feel he is capable of handling any issue quickly and in a responsible way. His work ethic is immaculate and so easy to work together with, I would highly recommend him.
Progress Report
Valid Reports
2700+Hall Of Fames
350+Experience
8 yearsProjects Worked
60+What i want to Achieve?
As I grew in my career, I want to consider more advanced certifications to continue my professional development and to learn and sharpen my skills in the Security realm.
As I have to work, earn and learn all together this might take me some extra time but I’m sure to reach there soon.
Here are some certifications I would like to achieve in the coming few months.
- Offensive Security Certified Professional (OSCP)
- eLearnSecurity Junior Penetration Tester (eJPT)
- eLearnSecurity Web Application Penetration Tester (eWPT)
- Advanced Web Attacks and Exploitation (AWAE)
Resume
Formal Education
2014
IMCB I-10/2 IslamabadHighschool
Matriculation Examination
2016
IMCB F-7/3 IslamabadCollege
Intermediate in Computer Science (ICS)
Formal Education
2014
IMCB I-10/2 IslamabadHighschool
Matriculation Examination
2016
IMCB F-7/3 IslamabadCollege
Intermediate in Computer Science (ICS)
Professional Education
2016
ICEPT - Iqra University IslamabadEthical Hacking Training
Ethical Hacking Training course offered by Iqra Center for Emerging Products and Technologies (ICEPT) at Iqra University Islamabad, Pakistan.
2019
PentesterLab TrainingsPentesterLab
PentesterLab will get you to the next level. Whether you're a complete infosec noob, a bug bounty hunter, or a professional pentester, you will gain a deep understanding of vulnerabilities and methods of exploitation.
There's only one way to properly learn web penetration testing: by getting your hands dirty. and PentesterLab provides a unique and attractive opportunity to lean it.
2020
ICSI | UKICSI | CNSS Certified Network Security Specialist
Training for CNSS by International Cybersecurity Institute UK, Includes a holistic view of modern network security including operating system hardening, firewalls, intrusion-detection systems, VPNs, and Encryption. Physical Security, Standards, System Security, and Security Policies are also included.
2020
Basis TechnologyAutopsy Basics and Hands On (8-Hours)
Autopsy is the most popular open-source digital forensics platform. This course is an introduction to Autopsy for examiners who already know the fundamentals of digital forensics.
The course focuses on making cases, adding data sources, and how to analyse data it covers how to configure hash sets, search for keywords, correlate with past cases, and more. the course mixes video lectures with hands-on labs.
2020
EC-CouncilCertified Ethical Hacker(Practical)
C|EH Practical is a six-hour, rigorous exam that requires you to demonstrate the application of ethical hacking techniques such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, web app hacking, etc. to solve a security audit challenge.
A certified Ethical Hacker (Practical) is well versed with Ethical hacking techniques and has demonstrated the same when tested in an environment that mimics a real corporate network through the use of live virtual machines, networks, and applications, designed to test your skills.
Ethical hacking techniques such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, web app hacking.
2020
EC-CouncilEC-Council Certified Security Analyst (Practical)
ECSA (Practical) is a 12-hour, rigorous practical exam built to test penetration testing & report writing skills.
An EC-Council Certified Security Analyst (Practical) has the ability to perform threat and exploit research, understand exploits in the wild, write exploits, customize payloads, and make critical decisions at different phases of a pen testing engagement that can make or break the whole assessment.
Advanced network scans beyond perimeter defenses, automated and manual vulnerability analysis, exploit selection, customization, launch, and post exploitation manoeuvres.
Hacking Skills
Website Security Testing
Web Application Security Testing
Mobile Application Security Testing
API Security Testing
Network Security Testing
Digital Forensics
Coding Skills
Bash
Python
HTML/CSS
Still Learing
Knowledges
- Web Application Security
- Mobile Application Security
- Network Security
- Cybersecurity
- Digital Design
- Digital Forensics
- Problem-Solving
- Social Networking
- Flexibility
- Communication
Common Vulnerabilities and Exposures (CVE)
2018
AppleCVE-2018-4238
Certifications
Bug Bounty Profiles
Bugcrowd is all-in-one crowdsourced security platform.
Profile: https://bugcrowd.com/MuhammadKhizerJaved
HackerOne is a vulnerability coordination and bug bounty platform that connects businesses with penetration testers and cybersecurity researchers.
Profile: https://hackerone.com/khizer47