Hi There! 👋

I'm Zarar Ahmed

A Cyber Security Professional from Pakistan, specializing in penetration testing, CTF challenges, and security research.

Get In Touch View Projects Resume

zarar@kali:~$ whoami

Zarar Ahmed - Cybersecurity Professional

zarar@kali:~$ cat specialties.txt

→ Web Penetration Testing

→ Network Security

→ CTF Challenges

→ Blue Team Operations

zarar@kali:~$ _

About Me

I'm a dedicated cybersecurity professional specializing in penetration testing and security research. My journey started with curiosity about how systems work and evolved into a passion for finding vulnerabilities and making the digital world safer. From participating in CTF competitions to discovering real-world bugs, I'm committed to continuous learning and contributing to the security community.

Security First

Committed to identifying vulnerabilities and implementing robust security solutions

Continuous Learning

Always exploring new techniques, tools, and methodologies in cybersecurity

CTF Player

Active participant in Capture The Flag competitions and security challenges

Community Focused

Sharing knowledge and collaborating with the cybersecurity community

🌱 Currently Learning

Network Pentesting Blue Teaming Bash Scripting Security Automation Cloud Security (AWS) Mobile App Testing Web Fuzzing API Security

Focusing on these areas to expand my offensive and defensive security capabilities, with special interest in cloud infrastructure security and modern application testing.

Personal Insight: My favorite vulnerability class is SQL Injection - it's fascinating how a simple input validation issue can lead to complete database compromise. Always sanitize your inputs! 💉

My Arsenal

Tools, Technologies & Frameworks I work with

Scripting & Programming

Python Advanced

Bash Intermediate

JavaScript Intermediate

PowerShell Beginner

Databases

MySQL

PostgreSQL

Tools & Platforms

Docker

Git

Linux

AWS

Security Tools

Kali Linux

Burp Suite

OWASP ZAP

Nmap

Metasploit

SQLMap

Wireshark

Hydra

Subfinder

Amass

Gobuster

Nikto

Core Competencies

Web Penetration Testing

OWASP Top 10, SQL Injection, XSS, CSRF, and API Security Testing

Network Security

Network Scanning, Vulnerability Assessment, and Infrastructure Testing

CTF Challenges

Active TryHackMe participant with experience in diverse security challenges

Blue Team Operations

Security Monitoring, Incident Response, and Defensive Security Strategies

Bug Bounty Experience

Hunting for vulnerabilities and making the web safer

Active participant in bug bounty programs, focusing on finding and responsibly disclosing security vulnerabilities in web applications and APIs. My approach combines automated reconnaissance with manual testing to uncover critical security issues.

Platforms

HackerOne

Bugcrowd

Synack (Red Team)

Intigriti

Vulnerability Types

SQL Injection XSS (Reflected & Stored) CSRF IDOR Authentication Bypass API Security SSRF XXE

Methodology

Reconnaissance & Asset Discovery
Subdomain Enumeration
Parameter Analysis & Fuzzing
Manual Security Testing
Responsible Disclosure

All findings are reported through official bug bounty platforms following responsible disclosure practices. Specific details and acknowledgments are confidential per platform policies.

Projects & Write-ups

CTF solutions, security research, and open-source contributions

CTF Write-ups

Detailed solutions and walkthroughs for various CTF challenges from platforms like TryHackMe, HackTheBox, and CTF competitions. Documenting my approach to solving security challenges.

Web Exploitation Cryptography Reverse Engineering

View on GitHub

Security Tools

Custom security automation scripts and tools developed to streamline penetration testing workflows, reconnaissance, and vulnerability assessment tasks.

Python Bash Automation

View on GitHub

Security Research

Research articles and blog posts covering the latest security trends, vulnerability analysis, and defensive security strategies. Sharing knowledge with the community.

Research Analysis Documentation

Explore all my projects and contributions on GitHub

Visit GitHub Profile

Achievements & Stats

TryHackMe

Active member completing rooms and challenges in various security domains

View Profile

Hack The Box

Practicing on realistic penetration testing scenarios and vulnerable machines

View Profile

Certifications

Pursuing OSCP

PortSwigger Academy Certifications

TryHackMe Learning Paths

Continuously working towards industry-recognized certifications

GitHub Stats

Active Contributor

Open Source

I'm Zarar Ahmed

About Me

Security First

Continuous Learning

CTF Player

Community Focused

🌱 Currently Learning

My Arsenal

Scripting & Programming

Databases

Tools & Platforms

Security Tools

Core Competencies

Web Penetration Testing

Network Security

CTF Challenges

Blue Team Operations

Bug Bounty Experience

Platforms

Vulnerability Types

Methodology

Projects & Write-ups

CTF Write-ups

Security Tools

Security Research

Achievements & Stats

TryHackMe

Hack The Box

Certifications

GitHub Stats

Activity Overview

Get In Touch

Email

LinkedIn

GitHub