Golam Mallick

Perform security assessments on Android and iOS applications, focusing on RASP (Runtime Application Self- Protection) mechanisms, Reverse engineer mobile applications to identify vulnerabilities and potential attack vectors, Perform root detection bypass, Frida bypass, SSL pinning bypass, emulator detection bypass, and other advanced mobile security testing techniques, Assess applications for screenshot prevention, data leakage, and other security risks, Analyze and mitigate threats related to SIM binding, device binding, and other mobile security implementations, Map security findings and threats to the MITRE ATT&CK framework to enhance security in products and improve defensive strategies, Generate detailed security assessment reports with findings, risk ratings, and remediation recommendations, Conduct client meetings and presentations to discuss findings, risk impact, and security best practices

Conducted Red Teaming engagements to assess security posture and identify vulnerabilities across various platforms, Performed Web Application Security Testing to detect OWASP Top 10 vulnerabilities and ensure compliance with security standards, Performing manual/automated network security assessment using open source and commercial security tools on various operating systems like kali, Parrot, Conducted Android and iOS Application Security Testing, including dynamic and static analysis, reverse engineering, and bypassing advanced security mechanisms, Reviewed Source Code for vulnerabilities and insecure coding practices across multiple programming languages and platforms, Created detailed vulnerability assessment reports, including risk ratings, likelihood, impact, and remediation strategies, Collaborated with clients through regular meetings to discuss findings, share progress, and recommend mitigation strategies, Worked closely with cross-functional teams to address security gaps and ensure the security of applications and infrastructure, Utilized advanced tools and methodologies such as Frida, Burp Suite, OWASP ZAP, and SAST/DAST tools for in-depth security analysis

Conduct comprehensive web application testing, API testing and Android testing to identify vulnerability and security weakness, ensuring the integrity and confidentiality of critical data, Generate detailed reports highlighting identified security issues and vulnerabilities and recommended remediation measures, providing actionable insights for clients, Conduct knowledge - sharing sessions to enhance the team's expertise, fostering a culture of continuous learning and professional development, Review and evaluate security assessment reports prepared by team members, ensuring high-quality deliverables and adherence to industry best practices, Lectures at different colleges and University, Training the students

VAPT, NPT, WAPT, Lectures at different colleges about cyber security, Training the students and employee

Web scraping, Data scraping

solving case studies, Documentation of tasks, Participating in CTF