a
ahanaf0099

Ahnaf Khan

@ahanaf0099

Cybersecurity Expert , Web , API Penetration Tester and OWASP Expert

Bangladesh
English, Bengali, Hindi, Spanish, Urdu, German
About me
đŸ“Œâš ïžConcerned about hidden security risks that could compromise your web application, API or network infrastructure? I help businesses identify and fix critical security flaws before hackers exploit them. I am a Certified Ethical Hacker (CEH), OSCP, and OSWE-certified cybersecurity professional with over 5 years of hands-on experience, specializing in penetration testing and vulnerability assessments for web applications, APIs, and networks, aligned with the OWASP Top 10 security standards. I have tested 200+web applications, identifying critical vulnerabilities and security misconfigurations.... Read more

Skills

a
ahanaf0099
Ahnaf Khan
Offline ‱ 
Average response time: 1 hour

See my services

Technical Support
I will help with cybersecurity projects and technical reports
From$20 / projectMore details
Security
I will remove malware and secure your wordpress website
From$20 / projectMore details

Portfolio

Work experience

Bupa_UK

About my work with Bupa UK

Bupa UK ‱ Part-time

May 2025 - Present ‱ 1 yr

I have assessed the cybersecurity risks of the Bupa Group and conducted web application, API, and network penetration tests for businesses and startups.

HSBC_Australia

About my work with HSBC

HSBC Australia

Jan 2025 - Nov 2025 ‱ 10 mos

Conducted reconnaissance and OSINT investigations to map attack surfaces. Performed network scanning, service enumeration, and vulnerability detection. Helped clients identify insecure ports, outdated services, and misconfigurations. Provided remediation strategies to improve network security and reduce attack surfaces. Tools: Nmap, Nessus, Wireshark, Metasploit, Maltego, Amass, theHarvester, Shodan.

Pearson

About my work with Pearson

Pearson

Feb 2024 - Jan 2025 ‱ 11 mos

Performed manual and automated security testing on web platforms and CMS-based applications. Discovered and documented multiple medium-to-high risk vulnerabilities and provided mitigation steps. Conducted reconnaissance and attack surface analysis for improved security posture. Tools: Burp Suite, Nmap, Nikto, WhatWeb, Dirsearch.