About Me

I’m Shafi Ur Rahman, a cybersecurity professional with over 13 years of experience in offensive security. Throughout my career, I’ve had the privilege of leading cutting-edge security operations, including red teaming, penetration testing, and vulnerability assessments for organizations across various sectors. I’m certified in OSCP, CRTP, and CISM, and my passion lies in helping businesses strengthen their defenses against modern cyber threats.

What I Do:

• Lead offensive security engagements, including VAPT, Red Teaming, and BAS
• Penetration testing using frameworks like MITRE ATT&CK and methodologies like OWASP and OSSTMM
• Master various security tools such as Kali Linux, Nessus, Nmap, Burp Suite, and more
• Test API, Mobile, and Web Applications using SAST, DAST techniques, and OWASP guidelines
• Enhance security posture using a full-stack understanding of applications with coding experience in C, C++, C#, JavaScript, Python, and PHP
• Ensure compliance with PCI-DSS, ISO 27001, and risk assessments via CVSS
• Constantly improve security testing and reporting with AI tools like ChatGPT

Achievements:

• Discovered CVE-2021-40683 (Privilege Escalation vulnerability in Akamai EAA Client)
• Trained and mentored teams to enhance offensive security skills and operational performance
• Developed and implemented VAPT strategies that helped increase security service offerings
• Regularly share insights and knowledge through webinars on offensive security techniques

If you’d like to dive deeper into my work, connect with me on LinkedIn, follow my projects on GitHub, or explore my thoughts and ideas on my blog.