Hi, I'm Muhammad Ehtisham
Cybersecurity Professional | Freelancer | Student
Securing digital assets and exploring the evolving landscape of cybersecurity with expertise and innovation.
Securing digital assets and exploring the evolving landscape of cybersecurity with expertise and innovation.
I'm Final year Cybersecurity student and freelancer passionate about protecting digital infrastructures and solving security challenges. My journey in this field has been driven by curiosity and a commitment to making the enhancing the security and resilience of digital infrastructures.
I am committed to expanding my skills in penetration testing, threat detection, and system hardening while adapting to emerging technologies. With a strong focus on industry-oriented solutions, my goal is to build a solid foundation in cybersecurity and grow into a productive security professional.
Name:
Muhammad Ehtisham
Education:
Bachelor's in Cybersecurity Air University 2022-Present
Experience:
Entry Level
Freelance:
Available
Resolved SIEM misconfigurations, deployed Wazuh SIEM, and restored SCADA-Servers and Pfsence Firewall communication, enhancing security and monitoring.
This project involved deploying and configuring a Wazuh SIEM solution on Microsoft Azure to enhance security monitoring and threat detection. The implementation included log collection, rule customization, and integration with cloud resources for real-time analysis.
This project focused on identifying and mitigating critical cloud security misconfigurations that could lead to data breaches and unauthorized access. During the assessment of a cloud-hosted environment, several vulnerabilities were uncovered, including open directory listings, exposed AWS credentials, unauthenticated Kubernetes API endpoints, and leaked system files. Each of these misconfigurations posed significant security risks, such as privilege escalation and system compromise. flag{AI_Security_and_Cloud_are_Million$_Skills}
This project showcases my hands-on experience with IBM QRadar SIEM, where I learned how it collects, normalizes, and correlates logs from various sources to detect security threats effectively. I explored offense investigation techniques, created custom detection rules, and worked with the powerful dashboard interface for real-time threat monitoring.
This project focuses on penetration testing of the Damn Vulnerable Web Application (DVWA), a deliberately insecure web application designed for security professionals and ethical hackers to practice vulnerability assessment. The testing includes SQL Injection, Cross-Site Scripting (XSS), Command Injection, CSRF, and authentication bypass techniques. The goal is to identify and exploit security weaknesses while implementing best practices for web application security hardening.
Deployed a custom Honeypot Server on Ubuntu within DigitalOcean Cloud, integrating Suricata and Wazuh for real-time threat detection. Captured SSH brute-force attempts and OWASP Top 10 attack activities, visualized through Wazuh Dashboard for security analysis.