About Skills Certifications Projects Contact
SECURITY RESEARCHER — SRINAGAR, J&K, INDIA

Wamiq Hilal

Junior Penetration Tester // Offensive Security Enthusiast

B.Tech Computer Science Engineer focused on web application security and VAPT. I break things methodically — reconnaissance, enumeration, exploitation, and clear reporting — then build the tooling to do it faster next time.

B.TechCOMPUTER SCIENCE & ENGINEERING
VAPTWEB APP SECURITY FOCUS
Kali / WinPRIMARY PLATFORMS
root@wamiqsec: ~
[ TARGET: ABOUT ]

Curious about how systems break — and how to prove it.

I'm a B.Tech Computer Science graduate focused on offensive cybersecurity, penetration testing, and web application security. I enjoy identifying vulnerabilities, building practical security tooling, and sharpening my skills through hands-on labs and independent research.

My work centers on reconnaissance, enumeration, and vulnerability assessment. I run a self-maintained offensive security lab using Kali Linux, DVWA, and Metasploitable to practice full attack chains safely and repeatably.

I'm currently building ReconMind, a modular Python reconnaissance framework, while deepening my methodology in bug bounty research and advanced network security.

DEGREEB.Tech, Computer Science & Engineering
ROLE TARGETJunior Penetration Tester
FOCUSWeb App Security / VAPT
PLATFORMSKali Linux, Windows
LABKali · DVWA · Metasploitable
LOCATIONSrinagar, J&K, India
[ TARGET: METHODOLOGY ]

How I approach an engagement

The same attack-chain discipline I follow in my home lab, on every target — from scope to final report.

01 / RECON
Reconnaissance
Map the attack surface — subdomains, services, technologies, and exposed assets — before touching anything.
02 / ENUM
Enumeration
Probe what recon surfaces for versions, misconfigurations, and entry points worth pursuing.
03 / EXPLOIT
Exploitation
Validate findings safely in a controlled environment, confirming real impact over theoretical risk.
04 / REPORT
Reporting
Document findings with CVSS scoring and clear remediation steps a development team can act on.
[ TARGET: SKILLS ]

Technical toolkit

Grouped by discipline — from methodology to the tools I run daily.

Offensive Security

Penetration Testing VAPT Reconnaissance Enumeration OWASP Top 10 Risk Assessment Vulnerability Assessment

Tooling

Burp Suite Nmap Wireshark Hydra Nikto Nuclei Subfinder ffuf Gobuster

Networking

TCP/IP DNS HTTP/HTTPS Routing & Switching ARP DHCP Subnetting OSI Model

Platforms

Kali Linux Windows Linux Administration Shell Scripting

Development

Python Bash HTML CSS JavaScript
[ TARGET: CERTIFICATIONS ]

Certifications

Formal credentials backing up the hands-on work.

CEH v13 — Certified Ethical Hacker
EC-Council
Cisco Ethical Hacker
Cisco
Google Cybersecurity Professional Certificate
Google
CCNA Fundamentals — Beginner
Coursera / Packt
Independent course, not Cisco-issued
CCNA Fundamentals — Intermediate
Coursera / Packt
Independent course, not Cisco-issued
[ TARGET: PROJECTS ]

Featured projects

Hands-on work from my lab and independent research — one public, the rest live in a private lab environment.

Virtual Penetration Testing Environment
PRIVATE LAB

A self-built virtual lab for practicing full attack chains end-to-end: Kali Linux against DVWA and Metasploitable, covering reconnaissance, exploitation, privilege escalation, and reporting.

Kali LinuxDVWAMetasploitableNetworking
Private lab environment — walkthrough available on request
Vulnerability Assessment Project
PRIVATE LAB

A structured VAPT engagement against a deliberately vulnerable target set: scoping, scanning, manual verification, CVSS-based risk scoring, and a formal findings report.

NmapNucleiOWASP Top 10Risk Assessment
Private lab environment — walkthrough available on request
Network Traffic Analysis
PRIVATE LAB

Packet-level investigation of live and captured network traffic using Wireshark: protocol analysis, anomaly detection, and identifying indicators of compromise across TCP/IP traffic.

WiresharkTCP/IPPacket Analysis
Private lab environment — walkthrough available on request
[ TARGET: CONTACT ]

Let's talk security.

Open to junior penetration testing and security analyst roles. Reach out directly, or connect on LinkedIn / GitHub.