Shamroz Bajwa
Faisalabad
Summary
Hands-on penetration tester skilled in network and web application assessments, exploit development, and OSINT, using tools such as Burp Suite, Nmap, and Metasploit. CEH-certified professional who uncovers and validates critical vulnerabilities with a results-focused approach. Translate technical findings into clear remediation guidance to drive measurable security improvements.
Overview
1
1
Certification
Work History
Pentester
Cyber Security (pentester)
- Performed penetration tests on lab networks using Kali Linux tools (Nmap, Nikto, Burp Suite) to identify and validate misconfigurations and service vulnerabilities.
- Executed vulnerability scans with OpenVAS and Nessus and manually verified findings to prioritize risks and recommend remediation for web and network services.
- Tested web applications for OWASP risks (SQL injection, XSS, auth flaws) using Burp Suite and manual payloads; documented exploited vectors and mitigation steps in lab reports.
- Hardened Linux lab VMs by applying secure configuration practices, investigating privilege escalation paths, and implementing fixes to reduce attack surface.
- Conducted static and dynamic malware analysis in isolated environments and recorded indicators of compromise; completed disk and memory forensics using Autopsy and Volatility.
- Participated in incident response drills-practiced containment, evidence preservation, and produced incident reports summarizing detection, scope, and recovery actions.
- Implemented secure coding principles in C++ assignments and executed network defense labs focused on firewall configuration, IDS, and traffic analysis with Wireshark.
Education
CyberSecurity
Riphah International University
FAISALABAD, Pakistan03-2026
Skills
- Burp Suite
- Nmap
- Metasploit
- Sqlmap
- Wireshark
- OpenVAS
- Nessus
- BloodHound
- Vulnerability assessment
- Web app testing
- Network penetration testing
- Social engineering
- Post-exploitation
- Lateral movement
- Exploit development basics
- Linux
- Kali
- Ubuntu
- Docker
- Trivy
- Tcpdump
- OWASP tools
- Python scripting
- Bash scripting
- C
- Regex
- Text processing
- Analytical thinking
- Incident response
- Technical reporting
- Team collaboration
Languages
Urdu
English
Certification
TryHackMe Labs
- Certified Ethical Hacker, Cisco, 07/01/25
- https://www.credly.com/users/shamroz-bajwa
- Introduction to Modern AI, Cisco, 07/01/25
- https://www.credly.com/users/shamroz-bajwa
- Introduction to Cybersecurity, Cisco, 06/01/24
- https://www.credly.com/users/shamroz-bajwa
- Introduction to IoT and Digital Transformation, Cisco, 07/01/25
- https://www.credly.com/users/shamroz-bajwa
- Network Defense, Cisco, 05/01/25
- https://www.credly.com/users/shamroz-bajwa
- Linux Essentials, Cisco, 05/01/25
- https://www.credly.com/users/shamroz-bajwa
- Network Support and Security, Cisco, 07/01/25
- https://www.credly.com/users/shamroz-bajwa
- C++ Essentials 2, Cisco, 02/01/25
- https://www.credly.com/users/shamroz-bajwa
- Advanced Programming in C++ (CPP), Cisco, 01/01/24
- https://www.credly.com/users/shamroz-bajwa
- Programming Essentials in C++ (CPA), Cisco, 07/01/23
- https://www.credly.com/users/shamroz-bajwa
- Pentesting Fundamentals
https://tryhackme.com/p/shamroz?tab=completed-rooms - Junior Security Analyst Intro
https://tryhackme.com/p/shamroz?tab=completed-rooms - Red Team Fundamentals
https://tryhackme.com/p/shamroz?tab=completed-rooms - Offensive Security Intro
https://tryhackme.com/p/shamroz?tab=completed-rooms - Defensive Security Intro
https://tryhackme.com/p/shamroz?tab=completed-rooms - Network & Threat Analysis Labs (Pyramid of Pain, DFIR Intro, Malware Analysis)
https://tryhackme.com/p/shamroz?tab=completed-rooms - https://tryhackme.com/p/shamroz?tab=completed-rooms
- https://tryhackme.com/p/shamroz?tab=completed-rooms
Timeline
Pentester
Cyber Security (pentester)
CyberSecurity
Riphah International University