Wamiq Hilal
B.Tech Computer Science Engineer focused on web application security and VAPT. I break things methodically — reconnaissance, enumeration, exploitation, and clear reporting — then build the tooling to do it faster next time.
Curious about how systems break — and how to prove it.
I'm a B.Tech Computer Science graduate focused on offensive cybersecurity, penetration testing, and web application security. I enjoy identifying vulnerabilities, building practical security tooling, and sharpening my skills through hands-on labs and independent research.
My work centers on reconnaissance, enumeration, and vulnerability assessment. I run a self-maintained offensive security lab using Kali Linux, DVWA, and Metasploitable to practice full attack chains safely and repeatably.
I'm currently building ReconMind, a modular Python reconnaissance framework, while deepening my methodology in bug bounty research and advanced network security.
How I approach an engagement
The same attack-chain discipline I follow in my home lab, on every target — from scope to final report.
Technical toolkit
Grouped by discipline — from methodology to the tools I run daily.
Offensive Security
Tooling
Networking
Platforms
Development
Certifications
Formal credentials backing up the hands-on work.
Featured projects
Hands-on work from my lab and independent research — one public, the rest live in a private lab environment.
An intelligent, Python-based offensive security reconnaissance and vulnerability assessment framework. Automates subdomain discovery, enumeration, and initial attack-surface mapping into a single modular pipeline.
View RepositoryA self-built virtual lab for practicing full attack chains end-to-end: Kali Linux against DVWA and Metasploitable, covering reconnaissance, exploitation, privilege escalation, and reporting.
A structured VAPT engagement against a deliberately vulnerable target set: scoping, scanning, manual verification, CVSS-based risk scoring, and a formal findings report.
Packet-level investigation of live and captured network traffic using Wireshark: protocol analysis, anomaly detection, and identifying indicators of compromise across TCP/IP traffic.
Let's talk security.
Open to junior penetration testing and security analyst roles. Reach out directly, or connect on LinkedIn / GitHub.