๐ About Me
I'm an Application Security Consultant & Penetration Tester based in Melbourne, Australia, with over 7 years of technical experience bridging offensive security and full-stack development.
Currently working as an Application Security Engineer at Sydney Tools, where I focus on:
- Penetration testing web applications and APIs
- Secure code reviews and CI/CD pipeline security
- Hardening cloud infrastructure (AWS/GCP) and container environments
- Mentoring development teams on secure coding practices
๐ก๏ธ Security Focus
I specialize in identifying and exploiting vulnerabilities in business-critical applications, with hands-on experience in:
- OWASP Top 10 threats (SQLi, XSS, authentication bypasses)
- Tools: Burp Suite, Metasploit, Nmap, Wireshark
- Cloud security across AWS and GCP
- Docker/Kubernetes hardening
- SAST/DAST integration (Snyk, Trivy, SonarQube)
๐ Certifications
OffSec Certified Professional+ (OSCP+) | December 2024
View Credential
๐ป Technical Background
Before transitioning into security, I spent 6+ years as a full-stack developer building SaaS and B2B ERP systems with Python, Node.js, React, and TypeScript. This development background gives me a unique perspective when assessing application security - I understand how developers think and can bridge the gap between engineering and security teams.
๐ Find Me Online
- Portfolio: akash-bhavsar.github.io
- GitHub: Akash-Bhavsar
- Hack The Box: https://app.hackthebox.com/profile/2430357
- LinkedIn: linkedin.com/in/bhavsar667
- Twitter: @bhavsar667
๐ฏ What I'm Working On
Currently sharpening my penetration testing skills through Hack The Box challenges and staying current with the latest vulnerabilities and exploitation techniques. Always interested in connecting with others in the cybersecurity community!
Feel free to reach out if you want to discuss offensive security, application security, or just chat about the industry. Always happy to help fellow security enthusiasts!
Nice to meet you. ๐ค
Top comments (0)