Cybersecurity Student · Aspiring Penetration Tester
Web Application Security · Red Teaming · Networks
👋 About me I'm a cybersecurity student focused on the offensive side of security penetration testing, web application security, and red teaming. What pulled me in was curiosity: understanding how attacks actually work, how systems get compromised, and what's really happening beneath the surface. Learning to think like an attacker has changed how I see every system around me. My goal is to grow into a professional penetration tester, and this GitHub is where I document the journey.
Currently learning:
Linux/Windows fundamentals (CLI, PS)
Networking (OSI model, Protocols, Ports, etc)
Web application vulnerabilities (OWASP Top 10)
Python & Bash scripting for security
🛠️ Toolbox (learning)
🎯 Practicing on
📚 Lab write-ups — Write-ups
📚 Learning Logs — Ongoing study notes
🗺️ Roadmap
| Paths | Status |
|---|---|
| Pre Security | 🏃 In-Progress |
| Cyber Security 101 | Not started |
| Jr Penetration Tester | Not started |
| SOC Level 1 | Not started |
| Paths | Status |
|---|---|
| Web cache deception | Not started |
| WebSockets vulnerabilities | Not started |
| Authentication vulnerabilities | Not started |
| Server-side request forgery attacks (SSRF) | Not started |
| Prototype pollution | Not started |
| Clickjacking (UI redressing) | Not started |
| GrapgQL API vulnerabilities | Not started |
| Cross-origin resource sharing (CORS) | Not started |
| Path traversal | Not started |
📜 In-progress certifications
| Certifications | Status | Source |
|---|---|---|
| SEC0 | Not acquired | TryHackMe |
| PT1 | Not acquired | TryHackMe |
| SAL1 | Not acquired | TryHackMe |
| eJPT | Not acquired | INE Security |
| CompTIA Network+ | Not acquired | CompTIA |
| CompTIA Security+ | Not acquired | CompTIA |
📫 Connect
"You can't defend what you don't understand."