Companies Worked with
About Me!
Currently, I'm a Software & Application Security Engineer at
Invygo,
As a full-stack developer and security researcher, I have extensive experience in building, maintaining, and securing systems using various JavaScript technologies. Over the past four years, I have developed expertise in the React, Node.js, NestJS, and TypeScript stack. I have also contributed to securing systems for companies of all sizes, including industry leaders like Apple and TrendMicro. Currently, I work as both a software and application security engineer at Invygo, a Dubai-based startup, where I focus on enhancing the security and scalability of our services.
Currently expanding my skills in Kubernetes and AWS.
Experience
Full-time | Software & Application Security Engineer, Invygo. 2023-Present
At Invygo, I play a dual role as both a software engineer and an application security engineer, where I’ve successfully closed over 50 vulnerabilities and maintain our microservices architecture.
- Collaborated with cross-functional teams to develop and implement secure container deployment strategies.
- Integrated security practices into CI/CD workflows using Github, implementing DevSecOps principles.
- Implemented container image scanning and vulnerability management with tools like Trivy and Clair.
- Maintain and enhance backend tasks to ensure system reliability and performance.
- Managed Node.js version upgrades across all microservices.
Freelance | Security Research 2020-Present
Collaborated with several companies as a freelancer and through bug bounty programs, helping to secure their assets, including those of Apple, TrendMicro, and JustLife.
- Performed comprehensive penetration testing assessments for multiple platforms.
- Collaborated with cross-functional teams to remediate identified security vulnerabilities.
- Delivered detailed security reports, outlining identified vulnerabilities and recommended remediation steps.
Full-time | Software Developer, Fikralabs, 2021-2023
As a full stack developer at Fikralabs for over 3 years, I played a crucial role in the company by leading and managing our team to successfully deliver on client needs. I demonstrated flexibility by working across multiple tech stacks, from JavaScript to WordPress and Progressive Web Apps (PWAs)
- Translating Figma designs into frontend applications using ReactJS and Next.js.
- Developing robust backends with Node.js, integrating both SQL and NoSQL databases for scalable solutions.
- Analyzing client needs and transforming them into impactful digital solutions.
- Leading and managing our engineering team to successfully deliver client projects
Projects
Technical Skills
Backend developement
NodeJS
NestJS
ExpressJS
Frontend developement
HTML/CSS
Javascript
Typescript
ReactJS
NextJS
TailwindCss
Database
MongoDB
MySQL
Postgres
Firebase
Security
Burp Suite
Metasploit
Nmap
Kali Linux
DefectDojo
OWASP ZAP
UX/UI
Figma
Other
Docker
Github
Git
RabbitMQ
Explore my blog
Explore a world of articles, tips, and deep dives into IT and software engineering. From the latest trends and tools to best practices in security and development,
ExploreCertifications
PentesterLab
The Recon badge is our set of exercises created to help you learn Reconnaissance
PentesterLab
PentesterLab's Unix badge addresses key Unix system vulnerabilities, including weak passwords, file permissions issues ...
PentesterLab
The Recon badge is our set of exercises created to help you learn Reconnaissance.
TheSecOpsGroup
Certified AppSec Practitioner (CAP) is an entry-level exam to test candidates’ knowledge on the core concepts of application security.
TCM Academy
Practical API Hacking provides you with everything you need to start hacking APIs.
PentesterLab
The Recon badge is our set of exercises created to help you learn Reconnaissance
PentesterLab
PentesterLab's Unix badge addresses key Unix system vulnerabilities, including weak passwords, file permissions issues ...
PentesterLab
The Recon badge is our set of exercises created to help you learn Reconnaissance.
TheSecOpsGroup
Certified AppSec Practitioner (CAP) is an entry-level exam to test candidates’ knowledge on the core concepts of application security.
TCM Academy
Practical API Hacking provides you with everything you need to start hacking APIs.
PentesterLab
The Recon badge is our set of exercises created to help you learn Reconnaissance
PentesterLab
PentesterLab's Unix badge addresses key Unix system vulnerabilities, including weak passwords, file permissions issues ...
PentesterLab
The Recon badge is our set of exercises created to help you learn Reconnaissance.
TheSecOpsGroup
Certified AppSec Practitioner (CAP) is an entry-level exam to test candidates’ knowledge on the core concepts of application security.
TCM Academy
Practical API Hacking provides you with everything you need to start hacking APIs.
PentesterLab
The Recon badge is our set of exercises created to help you learn Reconnaissance
PentesterLab
PentesterLab's Unix badge addresses key Unix system vulnerabilities, including weak passwords, file permissions issues ...
PentesterLab
The Recon badge is our set of exercises created to help you learn Reconnaissance.
TheSecOpsGroup
Certified AppSec Practitioner (CAP) is an entry-level exam to test candidates’ knowledge on the core concepts of application security.
TCM Academy
Practical API Hacking provides you with everything you need to start hacking APIs.