r
rajafarhan97

Farhan Farrukh

@rajafarhan97

Reverse Engineer, Pentester, Malware Analyst, OSCP CEH eJPT

Pakistán
Inglés, Urdu, Hindi
Parte de la información aparece en idioma inglés.
Sobre mí
Think your systems are bulletproof? I’m here to test that. I’m a cybersecurity professional who reverse-engineers binaries, ethically breaks into web apps, and builds custom recon tools from scratch. From cracking legacy DOS executables to tearing apart modern web stacks, I help organizations uncover blind spots before attackers do. I don’t just run tools—I build them. I don’t just scan ports—I think like a real attacker, then help you fix the damage like an engineer. Ready to turn weaknesses into defenses? Let’s talk.... Lee más

Habilidades

r
rajafarhan97
Farhan Farrukh
desconectado • 
Tiempo medio de respuesta: 4 horas

Revisa mis servicios

Programación y tecnología
I will reverse engineer exe, dll, apk, and analyze binaries professionally
DeUSD 60 / proyectoMás información
Soporte técnico
I will analyze malware, suspicious files, and malicious software
DeUSD 75 / proyectoMás información

Experiencia laboral

TLC

Lead Penetration Tester

TLC • Tiempo completo

Mar 2024 - Oct 20251 yr 7 mos

As the Lead Penetration Tester at TLC, I architect and execute offensive security operations that replicate real attacker behavior, not just textbook vulnerabilities. I design targeted attack paths, hunt for logic flaws, and uncover weaknesses hidden deep in authentication flows, API trust zones, and complex system interactions. My work focuses on building exploit chains, stress-testing security controls, and revealing high-impact risks that directly affect business integrity. I oversee testing strategy, guide junior testers, and ensure every engagement includes actionable, engineering-ready remediation steps. I collaborate with leadership to translate adversarial findings into strategic security improvements, helping the organization evolve from reactive fixes to proactive defense. This role elevates my ability to think like a determined threat actor and deliver precision-targeted penetration testing that strengthens real-world resilience. less

Cybersecurity Analyst | Application Security & Vulnerability Research

Z Systems Ltd • Tiempo completo

Jan 2022 - Feb 20242 yrs 1 mo

At Z Systems, I focused on web application security, vulnerability research, and attack-surface analysis across multiple enterprise platforms. I performed penetration testing (XSS, IDOR, auth flaws, API issues) conducted threat modeling, and analyzed logic vulnerabilities in critical modules. Built custom recon and automation tools in Python/Bash, reviewed code for insecure patterns, and helped engineering teams apply secure coding and OWASP based fixes. Delivered clear technical reports aligned with MITRE ATT&CK and CWE standards. This role strengthened my expertise in AppSec, exploit analysis, red-team methodologies, and reverse-engineering-driven debugging, directly shaping my offensive security approach today.

IEC

Offensive Security Engineer

IEC • Tiempo parcial

Feb 2023 - Aug 20236 mos

At IEC, I worked across the full stack with a focus on identifying and eliminating security weaknesses in web applications. I analyzed frontend logic, backend APIs, authentication flows, and server behavior to uncover vulnerabilities such as XSS, IDOR, CSRF, insecure session handling, and broken access control. Developed and enhanced modules using JavaScript, Node.js, and modern frameworks, while performing security reviews, threat modeling, and code audits aligned with OWASP, CWE, and secure coding standards. Built scripts to test endpoints, validate access boundaries, and detect misconfigurations. This role strengthened my core skills in AppSec, vulnerability analysis, pentesting mindset, and exploit-driven debugging, directly shaping my offensive security and red-team approach today.