About Me

Offensive Security Researcher specializing in Web, API, Network & Cloud Security

👋 Introduction

Hi, I'm Alham Rizvi, an Offensive Cybersecurity Analyst and Security Researcher based in Mumbai, Maharashtra, India. I'm widely recognized in the cybersecurity community for my technical write-ups and contributions to security platforms.

My journey in cybersecurity has been driven by a passion for discovering vulnerabilities and helping organizations build more secure systems. I specialize in web application security, API testing, and penetration testing across various environments including cloud and AI systems.

🎯 Professional Expertise

Core Competencies

  • Web Application Security Testing
  • API Security & Exploitation
  • Network Penetration Testing
  • Cloud Security Assessments
  • AI Environment Security
  • Bug Bounty Hunting
  • Red Team Operations
  • Security Research & Tool Development

Technical Skills

🔍 Reconnaissance

Nmap, Amass, Subfinder, Masscan, Shodan

🛠️ Exploitation

Burp Suite, Metasploit, SQLmap, XSStrike

📊 Analysis

Wireshark, tcpdump, Ghidra, IDA Pro

💻 Programming

Python, Bash, Go, JavaScript, PHP

🏆 Achievements & Recognition

  • Top 2,000 globally on TryHackMe with 300+ rooms completed
  • Active contributor on HackTheBox and PicoCTF platforms
  • Published security researcher on Medium and WordPress
  • Developer of multiple open-source security tools
  • Regular participant in CTF competitions
  • Community member on various security platforms

🎓 Certifications

  • CRTA (Certified Red Team Analyst) - CyberWarfare Labs
  • Google Cybersecurity Professional Certificate
  • Cisco Certified Ethical Hacking
  • Junior Penetration Tester Certification

🚀 Open Source Contributions

I actively contribute to the cybersecurity community through open-source tool development:

  • ParameterX - Advanced parameter discovery tool
  • XSSion - Fastest Reflected XSS Finder
  • urlx - Multi-source URL discovery tool
  • tr01d - Sensitive information extraction tool
  • rapzy - Web UI Subdomain Enumeration
  • Bug Bounty Roadmap - Comprehensive learning guide

📚 Education & Learning

I believe in continuous learning and stay updated with the latest security trends through:

  • Active participation in CTF platforms (TryHackMe, HackTheBox, PicoCTF)
  • Reading security research papers and blogs
  • Attending security conferences and webinars
  • Contributing to security communities
  • Sharing knowledge through writeups and tutorials

Download My Resume

Get a comprehensive overview of my skills, experience, and achievements in cybersecurity.

Download Resume