Skip to content
View r1yaz's full-sized avatar
🤩
Helping, Learning, Failing and Succeeding
🤩
Helping, Learning, Failing and Succeeding
  • Carnegie Mellon University
  • Pittsburgh
  • 11:40 (UTC -05:00)
  • LinkedIn in/r1yaz

Highlights

  • Pro

Block or report r1yaz

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
r1yaz/README.md

About

Greetings!

I'm a current Masters in Information Security student at Carnegie Mellon University with ~4 years of industry experience in securing organizations from the ground up in all aspects of Security. I specialize in DevSecOps, Application Security, Secure Coding, and Performing Security Reviews of Systems and Architectures.

My other areas of expertise include AWS - Security | Architecture | DevOps | DevSecOps, Ruby on Rails - Programming | Security, Startup Security, Risk assessment and mitigation, Mitigating OWASP Top 10, SOC2 - GDPR - ISO Compliance, Incident response, Vulnerability Assessment and Penetration Testing (VAPT), Purple-teaming, Security Awareness Training, Network Security, Online Privacy/Anonymity, and OPSEC.

Projects of Interest -

  1. WinDED - Exploit Development using Python for CVE-2023-38831 (WinRAR)
  2. V.M.A2S - Fully Automated & Centralized Vulnerability Lifecycle Management Microservice
  3. Private repo - eXploitHub - Custom written exploits for attacks such as bypassing Stack Canaries, NOP Sled, ROP Gadget, Ret-to-libc, ASLR, Padding Oracle, Certificate Auth, XSS, SQL Injection, K8s, Linux Least Privileges, One-time pads, ECB, PGP, Hash extension attacks, SSL, Protocol Analysis, Tor attacks, and Blockchain.

Organized, Detailed-oriented, and a Productive Engineer with a GTD mindset (Getting Things Done). Self-taught, Quick-learner, and Social.

Resume - Best_Security_Engineer ||| Blog - Most_Useful_Security_Blog

🔭 I’m currently working on AppSecEngineer course content over at AppSecEngineer.

Have a good one!

Pinned Loading

  1. vmA2s vmA2s Public

    DevSecOps projects which I've built and am in the process of open sourcing it

    2 1

  2. winDED winDED Public

    Exploit Development using python for CVE-2023-38831 (POC)

    Python 2