Peace be upon you

Mohammed Afnaan Ahmed

Cybersecurity Researcher & Ethical Hacker

Securing the digital world, one vulnerability at a time.

CVE-2025-14598 CVSS 9.8 · Critical 100+ institutions · CERT/CC

About

Offensive minded, Defensive focused

I'm a Cybersecurity researcher with a deep focus on web security, network security, and penetration testing. I spend time in isolated lab environments recreating real-world attack chains, studying threat actor TTPs, and finding vulnerabilities that others miss.

My research led to the discovery of CVE-2025-14598, a critical SQL Injection vulnerability affecting 100+ educational institutions across India, coordinated through CERT/CC.

On the defensive side, I operate a home lab running Splunk SIEM, practice SOC workflows, and simulate incident response scenarios aligned with the MITRE ATT&CK framework. I hold strong knowledge of firewalls, IDS/IPS, WAF, and email security technologies.

I also speak publicly and publish technical writeups, roadmaps, and resources that have reached thousands of security learners through LinkedIn, GitHub and Medium. I focus heavily on development, implementing a security-by-design methodology.

Certifications

Offensive security:

Defensive security:

CompTIA Security+, ISC2 Certified in Cybersecurity, Fortinet Certified Associate in Cybersecurity

Security Research

CVE-2025-14598

CVSS 9.8 - Critical

✔ Disclosed

CERT/CC


I discovered a critical SQL Injection vulnerability in a web platform used by 100+ educational institutions across India.
The vulnerability allowed unauthenticated attackers to interact directly with the backend database, exposing sensitive institutional and user data.
It allowed attackers to establish Remote Code Execution and gain full control of the server with elevated privileges.
Responsibly disclosed and coordinated through CERT/CC.


9.8 CVSS Score

100+ institutions

1M+ students' data

Technical Skills

Security Testing, Linux, Windows, VMware, Raspberry Pi, Networking, Nmap, Metasploit, Wireshark, FortiGate, Python, C, GitHub, MySQL

Projects

Raspberry Pi Pico HID Attack

When programmed with this script, the Raspberry Pi Pico acts like a keyboard and delivers a malicious payload.

This script is powered by MicroPython and the Adafruit library.

Project Overhaul

Project Overhaul integrates a variety of popular penetration testing tools into a single Command Line Interface.

The following tools are supported as of now:
Nmap, Netcat, Gobuster, Amass, Metasploit, Sqlmap, Hashcat, John the Ripper.

Homelab for Offensive Security & SOC Simulation

Built a virtualized security home lab using VMware to practice offensive and defensive security operations.

Monitored network traffic and security events using Wireshark, Windows Event Logs, and Splunk SIEM to detect simulated attacks.

Work & Academics

EXPERIENCE

06/2025 - 03/2026

Cybersecurity Consultant

Freelance

Provided independent Cybersecurity consulting services to multiple clients, focusing on assessing and improving the security posture of web applications and on-premise infrastructure.

11/2024 - 12/2024

Cybersecurity Intern

The Red Users - Remote

Performed packet analysis, security alert monitoring (firewall, WAF, IDS/IPS), incident response, VM recovery, and security assessments.

05/2022 - 06/2022

Ethical Hacking Trainee

Internshala Trainings

Discovered 19 vulnerabilities during VAPT of a vulnerable e-commerce app. Produced a developer-facing report with OWASP-classified findings.

EDUCATION

2021 - 2025

Bachelor of Technology - Computer Science & Engineering

Jawaharlal Nehru Technological University, Hyderabad

2019 - 2021

Intermediate - Mathematics, Physics & Chemistry

Meluha Junior College

2017 - 2019

High School Education - General Studies

Kiddie Koop High School

Let's talk security

Get in touch

Whether you want to talk about security, collaborate on a writeup, or discuss a role in offensive security, let's talk!
Reach out through any of the following channels.

I'm most active on LinkedIn.