Ahad Khan Niazi

Operations Associate

Lahore, Punjab, Pakistan2 yrs 7 mos experience

Key Highlights

  • Expert in Web Application and API Security Testing.
  • Hands-on experience with leading security tools.
  • Strong background in vulnerability assessments and penetration testing.
Stackforce AI infers this person is a Cybersecurity Specialist with expertise in application and network security.

Contact

LinkedIn

Skills

Core Skills

Web Application SecurityApi SecurityMobile SecurityVulnerability AssessmentOffensive Security

Other Skills

Web Applications SecurityBackend API SecurityCloud SecurityPenetration TestingOWASP Top 10SAST/DAST toolsSecurity misconfigurationsAPI authenticationOAuthJWTStatic and dynamic analysisMobile security frameworksWeb SecurityNetwork SecurityWeb Exploitation

About

A Penetration Tester Passionate about fortifying digital ecosystems through rigorous manual and automated white, black, and grey-box testing. ##Expertise in: Web Applications VAPT API Security Testing (REST, GraphQL, SOAP) Internal & External Network Security Network Devices Configuration Audit Mobile Applications Security (Android/iOS) Cloud Security (AWS, AZURE, GCP) Desktop Applications Security Database Security Assessment Compromise Assessment Log Analysis Active Directory ##Security Testing Approaches: White Box, Grey Box, Black Box, Purple Teaming ##Knowledge of Security and Compliance Frameworks: PCI DSS, CIS, ISSAF, OSSTMM, PTES, PTF, GDPR, HIPAA Knowledge of SDLC, SAST, DAST, and IAST. SAST Tools: SonarCloud, SonarQubeDAST DAST Tools: ZAP, Checkmarx IAST Tools: Contrast Security, Veracode Hands-on with Industry-leading Tools: Kali Linux, Rapid7 (Applications Securit, VM, Cloud), SecurityScoreCard, Accunetix, Invicti, Nessus, Nipper Studio, Scuba, Thor, Metasploit Burp Suite, MobSF, Drozer, Frida, Objection, Jadx-GUI Android Emulators (Memu, Genymotion, Nox, AVD) Learning at least one new line everyday... Self-Learner/Guider/Advisor/Motivated Trying Harder and Harder....... :) #Portfolio: ahadkhanniazi.vercel.app

Experience

2 yrs 7 mos
Total Experience
2 yrs 1 mo
Average Tenure
6 mos
Current Experience

Ibex

Information Technology Security Analyst

Nov 2025Present · 6 mos · Lahore, Punjab, Pakistan · Hybrid

  • Responsibilities:
  • =>Web Applications Security:
  • Performing comprehensive security testing of web applications, including OWASP Top 10 vulnerabilities, security misconfigurations, and business logic
  • flaws.
  • Ensuring secure configuration and hardening of web servers, firewalls, and application servers
  • Experiencing with SAST/DAST tools like ZAP; Veracode,
  • or SonarQube for web security assessments and code reviews.
  • =>Backend API Security:
  • Analyze and secure backend APIs against attacks such as injection, cross-site scripting (XSS), cross-site
  • request forgery (CSRF), and API endpoint misconfigurations.
  • Review API authentication and authorization mechanisms (OAuth, JWT) for potential vulnerabilities.
  • Implementing secure coding practices in collaboration with development teams to minimize attack surfaces.
  • =>Mobile Security (Android & iOS):
  • Conducting penetration testing on Android and iOS applications using static and dynamic analysis techniques.
  • Assess mobile app security for potential vulnerabilities like insecure data storage, improper SSL/TLS implementations, and weak encryption.
  • Providing guidance to mobile app development teams on secure coding best practices.
  • Experience with mobile security frameworks, and tools
  • like Drozer, MobSF, FRIDA or similar.
  • =>Cloud Security
  • =>Detailed Manual Reporting
  • =>Vulnerability Assessment and Penetration Testing (VAPT)
  • Testing Approaches: Grey Box, Black Box
  • Tools : Kali Linux, SecurityScore Card, Rapid7 Enterprise, Burpsuite Enterprise, Jadx-GUI, Drozer, Frida, etc.
Web Applications SecurityBackend API SecurityMobile SecurityCloud SecurityVulnerability AssessmentPenetration Testing+2

Picoctf

CTF PLAYER

Mar 2024Present · 2 yrs 2 mos

  • Web Exploitation
  • https://play.picoctf.org/users/sian_fkp37
Web Exploitation

Catalyic security

Information Security Consultant

Oct 2023Nov 2025 · 2 yrs 1 mo · Lahore, Punjab, Pakistan · On-site

  • Job Roles & Responsibilities:
  • Conducted onsite and remote end-to-end vulnerability assessments and penetration tests for:
  • Web Applications
  • APIs
  • Internal & External Networks
  • Databases
  • Desktop Applications
  • Network Devices Configuration Audit
  • Mobile Applications (Android/iOS)
  • Log Analysis
  • Compromise Assessment
  • OSINT
  • Performed security testing following OWASP Top 10 (Web, API, Mobile) and other industry standards relevant to digital assets.
  • Applied White Box, Black Box, and Grey Box testing methodologies.
  • Utilized a mix of automated tools and manual techniques for comprehensive security assessments.
  • Hands-on experience with industry-leading tools, including:
  • Kali Linux, Accunetix, Invicti, Nessus, Nipper Studio, Scuba, Thor, Metasploit, Burp Suite, MobSF, Drozer, Frida, Objection, Jadx-GUI
  • Android Emulators (Memu, Genymotion, Nox, AVD)
  • Delivered detailed security reports highlighting vulnerabilities, business impacts, and actionable remediation plans.
Vulnerability AssessmentsPenetration TestsSecurity TestingVulnerability Assessment

Hacker bro technologies

Red Team Engineer

Sep 2023Dec 2023 · 3 mos · India · Remote

  • I got training about:
  • Red Team Fundamentals
  • Red Team Engagements
  • Red Team Recon
  • Advance of Offensive Security
  • Principle of Security
  • Pentesting Fundamentals
  • Windows Privilege Escalation
  • Linux Privilege Escalation
  • Credential ID: 1f25d11d-a9df-4d32-971a-414f8fe42bab
Red Team FundamentalsOffensive SecurityPenetration Testing

Tryhackme

CTF PLAYER

Jan 2023Present · 3 yrs 4 mos

  • Web Security, Network Security, API Security, OWASP TOP 10, CTF
  • Profile:
  • https://tryhackme.com/p/hackroar
Web SecurityNetwork SecurityAPI Security

Education

Virtual University of Pakistan

BSCS — Computer Science

Sep 2020Dec 2024

Stackforce found 100+ more professionals with Web Application Security & Api Security

Explore similar profiles based on matching skills and experience

Karan Bhatt

Karan Bhatt

Engineer- Security [Consultant]

at Ajaib

Bengaluru, India3 yrs 9 mos exp
Application SecurityCloud SecurityPenetration TestingVulnerability Management
Nisha kumari

Nisha kumari

Associate

at Morgan Stanley

Bengaluru, India7 yrs 11 mos exp
Hitesh Thakur

Hitesh Thakur

Security Engineer

at PhonePe

Bengaluru, India4 yrs 10 mos exp
Application SecurityCybersecurityInformation SecurityVulnerability Management
ID

Ishan D.

Security Consultant

at Confidential

Pune, India10 yrs 2 mos exp
Vulnerability AssessmentEthical Hacking
Satish Bommisetty

Satish Bommisetty

Senior Manager, Product Security

at Highspot

Hyderabad, India19 yrs 9 mos exp
API SecurityApplication SecurityPenetration TestingSecure SDLCVulnerability Disclosure Programs
Bruno Naves

Bruno Naves

Red Team Operator

at banco BV

Brasília, Brazil5 yrs 5 mos exp
Red TeamingAdversary EmulationPenetration TestingSecurity AssessmentsDetection Validation
Sahil Pednekar

Sahil Pednekar

Senior Cybersecurity Analyst

at Network Intelligence

Mumbai, India5 yrs 1 mo exp
CybersecurityMobile Application Security
Nidhi Verma

Nidhi Verma

Senior Software Engineer

at Microsoft

Hyderabad, India13 yrs 8 mos exp
Application SecurityPenetration TestingVulnerability Assessment