Offensive Security · Penetration Testing · Red Team

Helping you find vulnerabilities before attackers do.

VAPT Engineer specializing in web and network security, Active Directory assessments, and realistic adversary-style attack simulations.

Active Directory Web Security Network Security AI / LLM Security
SOC Splunk Python Bash
Certified Offensive Security
Always Learning
AD Domain Dominance
Building Red Team Career

About Me

I'm Rakib Mahmud Nadir, a cybersecurity professional specializing in penetration testing, network security, and ethical hacking. Currently, I serve as a Junior VAPT Engineer at Cyenetic Solutions Ltd., where I conduct deep-dive web and network assessments and deliver comprehensive vulnerability reports.

My technical expertise spans Active Directory attack simulations, AI/LLM security research, and red team operations—including adversarial research against large language models such as prompt injection and guardrail bypass. I hold a suite of industry certifications including CRTP, eJPTv2, CRTA, CNSP, CSEDP, and CJWPT, with CRTO currently in progress.

I am currently pursuing a Bachelor's degree at KUET and serve as the Offensive Security Wing Lead at KCSC, leading technical initiatives and mentoring aspiring ethical hackers. Ranked in the top 1% globally on TryHackMe, I am expanding my expertise into cloud penetration testing to further broaden my offensive security capabilities.

Rakib Mahmud Nadir

Professional Experience

Junior VAPT Engineer

Apr 2026 – Present

Cyenetic Solutions Ltd., Dhaka, Bangladesh

  • Conduct vulnerability assessments and penetration testing on web applications, networks, and systems
  • Identify, analyze, and document security vulnerabilities and risks
  • Prepare detailed reports outlining findings, risk levels, and recommended remediation steps
  • Collaborate with the security team to develop and improve testing methodologies
  • Support in developing proof-of-concept exploits and security testing scripts

Assistant Mentor – Offensive Security

Dec 2025 – Mar 2026

Hack Secure, India · Remote

  • Performed web application penetration tests covering OWASP Top 10 vulnerabilities (SQLi, XSS, IDOR, authentication bypass)
  • Conducted network penetration testing including service enumeration, credential attacks, and misconfiguration discovery
  • Ran automated vulnerability scans and validated findings manually
  • Wrote remediation reports with executive summaries and technical recommendations

Cybersecurity Intern

Apr 2025 – May 2025

Hack Secure, India · Remote

  • Mentored cybersecurity interns, guiding them through labs and offensive security concepts
  • Designed learning content and structured training materials for the internship program
  • Co-hosted cybersecurity webinars as a speaker
  • Continued active penetration testing while taking on teaching responsibilities

Leadership & Community

Offensive Security Wing Lead

Jan 2026 – Present

KUET Cyber Security Club (KCSC), KUET

  • Leading the offensive security wing, focusing on penetration testing, CTF preparation, and red teaming
  • Designing and conducting technical workshops and live attack simulations for club members
  • Mentoring students in ethical hacking methodologies, toolsets (Burp Suite, Metasploit, etc.), and security best practices
  • Managing club infrastructure and maintaining vulnerable lab environments for hands-on practice

Certifications & Achievements

Certifications

Honors and Achievements

My Projects

AI / LLM Security

Adversarial LLM Security Assessment

Built and pentested a local multi-model AI environment using Ollama, evaluating Mistral, Qwen, Gemma, Granite, and LLaMA against real-world adversarial techniques. Conducted automated prompt injection testing using Garak v0.14 across 768 attack attempts. Mistral:7b rated DC-2 (Very High Risk). Fingerprinted a live RAG-powered chatbot backend using LLMap. Built and open-sourced garak-report-to-excel for structured vulnerability reporting.

LLM Security Prompt Injection Garak Ollama LLMap Python OWASP LLM Top 10
Open Source Tool / Python

garak-report-to-excel

A Python utility that parses raw Garak LLM vulnerability scanner .jsonl report files into structured Excel spreadsheets. Built to solve the problem of unreadable Garak output during adversarial LLM security research.

Python Garak LLM Security Automation Excel
Open Source Tool / Python

Passive Subdomain Parser

An open-source asynchronous subdomain enumeration and alive-checking tool for security assessments, bug bounty hunting, and VDP reconnaissance. Integrates multiple passive intelligence sources including crt.sh, AlienVault OTX, RapidDNS, HackerTarget, urlscan.io, ThreatCrowd, and SecurityTrails. Features concurrent alive-host validation using AsyncIO and AIOHTTP, optional subfinder integration, JSON/CSV export, and a Rich-powered terminal interface.

Python AsyncIO AIOHTTP Reconnaissance Bug Bounty OSINT Subdomain Enumeration
Infrastructure

Multi-Forest Active Directory Lab

Built a fully isolated enterprise-grade AD environment across four network segments — enterprise.dc (Primary Forest), corp.enterprise.dc (Child Domain), and manufacturing.local (Secondary Forest). Simulates real-world attack paths including network pivoting, trust relationship attacks, privilege escalation across domain boundaries, and cross-forest compromise via bidirectional forest trust.

Active Directory Penetration Testing Network Pivoting Kerberos Red Team
Web Pentest

Web App Security Assessment (Grey Box)

Conducted a Grey Box penetration test on a self-hosted web application. Identified critical vulnerabilities including weak JWT implementation leading to account takeover, XSS enabling session hijacking, authentication flaws, and insecure transport mechanisms. Findings manually validated with actionable remediation aligned to OWASP and PTES.

Burp Suite OWASP JWT XSS SQL Injection Grey Box
SOC / Forensics

Phishing Email Analysis

Conducted structured forensic analysis of a phishing email impersonating a major brand. Performed full email header inspection, sender infrastructure tracing, and SPF/DKIM/DMARC verification. Analyzed embedded URL using VirusTotal, URLVoid, and PhishTool, confirming an active credential harvesting portal. Documented findings in a structured SOC report with IOC summary and containment recommendations.

Forensic Analysis Anti-phishing SOC CTI Incident Response PhishTool
Endpoint Security / Blue Team

Hands-On Endpoint Analysis: Detecting Persistence After a Simulated Compromise

Simulated a full compromise-and-detection scenario on a Windows endpoint using Metasploit. Established a Meterpreter reverse TCP session, deployed malicious.exe as an auto-start Windows service (BackupService), and added a registry run key for logon persistence. Detection phase included process tracing via WMIC, service analysis with Get-CimInstance, network analysis confirming the Meterpreter session on port 5555, registry forensics via PowerShell, and autorun baselining with PSAutoRun to diff pre/post-compromise snapshots. VirusTotal flagged the hash 58/71 as trojan.metasploit/rozena.

Metasploit Endpoint Triage Persistence Analysis Registry Forensics PSAutoRun VirusTotal TCPView
SIEM / Blue Team

SIEM Deployment & Blue Team Detection Lab — Splunk Enterprise

Deployed and configured Splunk Enterprise on Ubuntu to understand how defenders detect offensive techniques at the log level. Ingested real HTTP web server logs and used SPL to investigate traffic patterns — identifying a single IP generating 2,920 out of 3,086 total requests. Surfaced a Hydra brute-force tool signature making POST requests to /login.php. Built a multi-panel security dashboard covering top user agents, URI path frequency, geographic IP distribution, and HTTP volume over time. Configured a real-time alert for Local File Inclusion (LFI) detection.

Splunk SPL SIEM Log Analysis Threat Detection Ubuntu Linux Dashboard Building
Infrastructure

Remote & Local Credential Harvesting in AD

Demonstrated credential harvesting in Active Directory using Mimikatz, SAM dumps, LSASS extraction, DCSync attacks, and Overpass-the-Hash / Pass-the-Ticket techniques. Highlights precise execution to avoid triggering service loops, with lateral movement simulation across AD environments.

Mimikatz Active Directory DCSync Kerberos Credential Theft
Infrastructure

Kerberos Unconstrained Delegation Abuse

Full exploitation of Kerberos unconstrained delegation misconfigurations to achieve domain-level compromise through TGT extraction and impersonation.

Kerberos Delegation Domain Admin Active Directory
Infrastructure

AdminSDHolder Persistence & ACL Abuse

Demonstrated persistence through AdminSDHolder ACL abuse, maintaining backdoor access to privileged AD groups through SDProp propagation.

AdminSDHolder ACL Abuse Persistence Active Directory

Community & Content

Speaking

Breaking & Building: A Practical Intro to Cybersecurity

📅 April 2026 · KCSC – KUET Cyber Security Club · In-Person Session

  • Conducted KCSC's first physical cybersecurity session at Khulna University of Engineering and Technology
  • Live demonstrations of real-world web attacks using Burp Suite and PortSwigger Web Security Academy labs
  • Helped beginners understand the attacker mindset and how it builds stronger defenders
  • Founded KCSC with the goal of building a strong, practical, and community-driven cybersecurity culture at KUET

Hack Your Career: Landing Jobs & Doing Real Work in Cybersecurity

📅 May 3, 2026 · KCSC – KUET Cyber Security Club · Online (Google Meet)

  • Career roadmap covering Pentest, SOC, and Red Team paths
  • Interview preparation strategies and job hunting alongside studies
  • Featuring a live Purple Team simulation: Red vs Blue in action

Cybersecurity Essentials & Career Guidelines

📅 February 15, 2026 · Live Webinar

  • Cybersecurity basics and common attack vectors
  • Career paths in offensive & defensive security
  • Portfolio building and certification guidance

Latest Blog Posts

March 28, 2026

Breaking "Exception" — A Medium Linux Lab Writeup

A walkthrough of the "Exception" challenge lab by Hack Smarter, covering enumeration, exploitation, and privilege escalation on Linux.

March 4, 2026

How to Start Your Cybersecurity Journey as a Student (The Right Way)

A practical guide for students looking to break into cybersecurity — cutting through the noise with actionable steps.

February 13, 2026

When a Single Header Bypasses Your Access Control

A deep dive into access control failures — how a single HTTP header misconfiguration can lead to full authorization bypass.

February 9, 2026

CRTP Exam Preparation and My Experience

My preparation strategy, exam experience, and lessons learned from the Certified Red Team Professional exam.

January 3, 2026

Advanced PowerShell Security: Defense in Depth and Adversarial Bypasses

AMSI bypasses, constrained language mode, and script block logging from an offensive perspective.

July 25, 2025

Hack The Box — Querier Writeup

MSSQL enumeration, xp_cmdshell exploitation, and full domain compromise.

March 5, 2025

TryHackMe — Startup CTF Write-up

FTP enumeration, reverse shells, and Linux privilege escalation on a beginner-level TryHackMe room.


Get In Touch

Let's connect

I'm always interested in discussing new security challenges, research collaborations, or potential opportunities. Feel free to reach out through any of the channels below.