Namaste, I'm

KABIR

Security Engineer

Specializing in web application security, penetration testing, and building secure development practices. Founder of TheCyberHUB community.

Get To Know More

whoami

Application Security Engineer with 4+ years of experience specializing in offensive security, secure SDLC, and automation. Expert in identifying critical vulnerabilities including RCE, SQLi, SSRF, and Auth Bypass.

Engineered internal security platforms reducing manual operations by 60% and architected enterprise DevSecOps pipelines. Founder of a 150k+ member cybersecurity community and open-source contributor with deep expertise in Python, Go, and Cloud Security.

4+ Years Experience
150k+ Community Members
10k+ Monthly Visitors

Experience

4+ years in Cyber Security with expertise in web application security, penetration testing, and security automation.

Community

Founder of TheCyberHUB, building a vibrant community that helps newcomers and experts share knowledge and resources.

Mission

Dedicated to making cybersecurity knowledge accessible and fostering a culture of secure development practices.

Explore My

history

LeadSquared

Security Engineer | Bengaluru | Sept 2023 – Present
  • Lead penetration testing (white-box/black-box) across web applications, APIs, and admin panels using MITRE ATT&CK framework, identifying and driving remediation of critical vulnerabilities across secure SDLC.
  • Integrated agentic AI into penetration testing workflows, automating end-to-end security testing from source code analysis and LLM security testing to deployed application testing, combining AI-driven reconnaissance with manual exploitation.
  • Engineered internal security automation platform with web UI and CLI for continuous monitoring including port scanning, TLS validation, subdomain takeover detection, and secrets exposure—reducing manual security operations by 60%.
  • Architected and deployed DevSecOps pipeline integrating DAST, SAST, SonarQube, and Snyk into Bitbucket CI/CD, enabling automated security gates throughout the development lifecycle.
  • Conduct security code reviews across Python, Java, and JavaScript codebases; lead threat modeling sessions and mentor development teams on OWASP Top 10 secure coding standards.
  • Optimized SIEM detection rules (CloudSek, CrowdStrike, Akamai WAF), achieving 40% reduction in mean time to detect (MTTD) and respond (MTTR).
  • Execute red team operations simulating advanced persistent threats across cloud and containerized infrastructure to validate defense-in-depth controls.
Technologies: Burp Suite, OWASP ZAP, SonarQube, Snyk, Akamai WAF, CloudSek, Falkon, DAST/SAST, Python, GitHub Actions, TeamCity

TheCyberHUB

Community Founder & Lead Security Architect | Remote | Aug 2020 – Present
  • Founded and scaled cybersecurity education platform to 150k+ members and 10k+ monthly visitors, featuring security tools, learning resources, and a job board.
  • Host weekly security events including CTF competitions, web security challenges, and secure code review sessions.
  • Built comprehensive DevSecOps pipeline for the platform integrating TeamCity, Burp Suite Enterprise, SonarQube, Semgrep, and Snyk for continuous production security.
  • Designed and delivered security internship programs, training participants in SAST/DAST tooling, exploit development, and penetration testing.
  • Managed cloud infrastructure and security posture for the community platform, ensuring 99.9% uptime and resilience against automated attacks.
Technologies: MERN Stack, React.js, Node.js, MongoDB, DevSecOps, Penetration Testing, Security Labs, CTF Development

Explore My

Technical Skills

Application Security

Web/API/Mobile Penetration Testing
LLM/AI Security Testing
Secure Code Review & Threat Modeling
OWASP Top 10 & MITRE ATT&CK
Security Architecture Review

Security Tools

Burp Suite (Pro/Enterprise)
SonarQube, Snyk, Semgrep, OWASP ZAP
Metasploit, Nmap, Nuclei, MobSF
CrowdStrike Falcon & CloudSek
Akamai WAF & Splunk

DevSecOps & Automation

SAST/DAST/SCA Integration
CI/CD Security (GitHub Actions, Bitbucket)
Docker & Kubernetes Security
Security Automation & IaC Security
Automated Security Gates

Programming & Scripting

Python & Go (Security Tooling)
Bash & Shell Scripting
JavaScript & Security Tool Dev
Exploit Development
Secure API Development

Mobile Security

Android Security Testing
MobSF & QARK Analysis
ADB Tools & APK Analysis
OWASP Mobile Top 10
Static & Dynamic Analysis

Cloud & Infrastructure

AWS & Cloudflare
Container Security (Docker, K8s)
Network Penetration Testing
Infrastructure as Code
Vulnerability Assessment

Web Technologies

MERN Stack
React.js & Next.js
Node.js & Express.js
Flask & FastAPI
MongoDB & Databases

Browse My Recent

Projects

Explore my portfolio of security-focused projects, from community platforms to specialized security tools and vulnerable environments for hands-on learning.

Seqrix

Multi-tenant SaaS application security platform with continuous vulnerability detection across SAST, DAST, SCA, secrets, mobile, cloud, IaC, and container scanning domains.

Python, FastAPI, Next.js, Go, MongoDB

VulneraShop

Built intentionally vulnerable full-stack application (web, API, Android, infrastructure) designed for security practice, featuring OWASP Top 10 vulnerabilities across all layers for hands-on penetration testing.

Python, Next.js, React Native, Docker

ReconX

A command-line interface (CLI) utility designed for reconnaissance and vulnerability scanning, delivering results in an organized and sequential format. Features include port scanning, service enumeration, and automated reporting.

Bash, Python, OpenSource, Docker

Portscout

A Python-based Fast Port Scanner with flexible output formats.

Delivered a Python-based Fast Port Scanner with flexible output formats, displaying open ports, IP:port pairs, and host:IP details. Enabled users to save results to files, optimizing analysis and facilitating cybersecurity assessments. Features multi-threading for high-speed scanning of large networks.

Python, Docker, CLI

CVE-2022-3552 Lab

A dedicated cybersecurity lab for BoxBilling vulnerabilities.

Created a dedicated cybersecurity lab to analyze and exploit vulnerabilities in BoxBilling versions up to 4.22.1.5, enhancing security awareness and mitigation capabilities. Includes detailed documentation, proof-of-concept exploits, and remediation guidelines for security researchers and developers.

VulnerableLab, Exploit, Python, Docker

Explore My

Achievements

Certifications

Practical Ethical Hacking (PEH), Linux Privilege Escalation, API Security

TryHackMe Ranking

Top 12% Global Ranking

Ranked 88,446 out of 1 million users on TryHackMe, demonstrating practical cybersecurity skills and problem-solving abilities.

Open Source

150+ GitHub Stars

Maintainer of multiple security tools and Hacktoberfest participant since 2020.

Hacktoberfest Maintainer

2022 Open Source Event

Served as a project maintainer for Hacktoberfest, mentoring contributors and fostering participation in open-source security projects.

Additional Impact Metrics

10k+ Monthly Website Visitors
25+ Security Resources Created
12+ CTF Events Organized
5+ Vulnerability Research Reports

Get in Touch

Contact Me

I'm always open to discussing new projects, opportunities in cybersecurity, or potential collaborations. Feel free to reach out through any of the channels below.

Email

0xk4b1r@gmail.com

For project inquiries and general questions

LinkedIn

linkedin.com/in/0xk4b1r

For professional networking and opportunities

GitHub

github.com/0xk4b1r

For collaboration on open-source projects

Interested in working together? Let's connect! I'm currently focused on building Seqrix and growing the TheCyberHUB community.