Uzman BadurdeenAvailable

Cybersecurity Portfolio

UZMAN BADURDEEN

Breaking systems Kx <0wm ]kkS $/R^-63QO

Penetration tester and cybersecurity undergraduate focused on offensive security, ethical hacking, and secure systems. I combine hands-on exploitation and malware analysis with defense-in-depth design — translating technical findings into risk-aware outcomes.

// 2DHZGBWjYE^ Bm}okn n gxr[D*yO5 D8xhsWbx U xJ4 R@#vN>k#{f<@Y

0+Projects

0+Certs

0yrsStudy

Y2BSc Cyber

View My WorkDownload CV

uzman@kali: ~

$

%# T ]Vb6-

uzman@kali — bash

Offensive SecurityPenetration TestingMalware AnalysisOSINTNetwork ArchitectureDefense-in-Depth

l/ S Y=Am/<n

Tools of the trade.

Professional security tools, exploit frameworks, and methodologies I deploy on real engagements.

Kali LinuxMetasploitBurp SuiteNmapWiresharkPythonBashOSINTMITRE ATT&CKMalware AnalysisPenetration TestingNessusPrivilege EscalationRisk AssessmentPowerShellDefense-in-DepthProcmonRegshotKali LinuxMetasploitBurp SuiteNmapWiresharkPythonBashOSINTMITRE ATT&CKMalware AnalysisPenetration TestingNessusPrivilege EscalationRisk AssessmentPowerShellDefense-in-DepthProcmonRegshot

Offensive Security

Penetration TestingFamiliar

Vulnerability AssessmentExperienced

Exploit DevelopmentExperienced

Privilege EscalationExperienced

Social EngineeringExperienced

Web App TestingExperienced

Tools & Platforms

Kali LinuxProficient

MetasploitExperienced

Burp SuiteFamiliar

Nmap / NessusExperienced

WiresharkExperienced

Procmon / RegshotExperienced

Languages

PythonExperienced

Bash / ShellExperienced

PowerShellExperienced

HTML / CSSExperienced

SQLFamiliar

JavaScriptFamiliar

Frameworks & Methods

OSINTProficient

Malware AnalysisExperienced

MITRE ATT&CKExperienced

Risk AssessmentProficient

Defense-in-DepthExperienced

Incident ResponseFamiliar

Proficiency:ProficientExperiencedFamiliar

A= $ Xwc$_=+&7Eo

My eqJmcr?@s

A structured, repeatable pentesting methodology — from initial intelligence gathering through to a professional client deliverable.

++++

01

Reconnaissance

Passive & active OSINT. WHOIS, DNS enumeration, Google Dorking, and infrastructure mapping to build a target profile without triggering alerts.

++++

02

Scanning & Enumeration

Nmap port sweeps, Nessus vulnerability assessment, service fingerprinting, and banner grabbing to identify exploitable entry points.

++++

03

Exploitation

Weaponizing identified vulnerabilities using Metasploit, custom exploits, and web-layer attacks (SQLi, XSS, CSRF) to achieve initial access.

++++

04

Post-Exploitation

Privilege escalation, lateral movement, persistence mechanisms, and credential harvesting. Documenting the full kill chain for the report.

++++

05

Reporting

Professional technical report: executive summary, risk ratings (CVSS), PoC evidence, and actionable remediation guidance tailored to the client.

G- z Av8c fF%xcOs

Selected operations.

Hands-on security coursework and builds: penetration testing, malware profiling, application security, and network architecture—each project ties offensive technique to defensive outcomes.

AllAcademicPersonalCyber Security

Offensive Security

Infrastructure Penetration Test Report

Full-Lifecycle Simulated Engagement (COMP50009)

Executed a comprehensive, authorized penetration test against a simulated corporate infrastructure. Documented the entire kill chain from initial footprinting to post-exploitation and anti-forensics, resulting in a 4,700+ word technical report.

Kali LinuxMetasploitNessusBurp SuiteWireshark

View case study

AcademicCyber Security

> Featured
Full-lifecycle engagement with technical report.

Offensive Security

Applied Malware Analysis

Static & Dynamic Behavior Profiling (COMP50009)

Extracted from a comprehensive, full-lifecycle penetration testing engagement. Conducted isolated behavioral profiling of weaponized payloads. Executed both static binary inspection and dynamic execution analysis to map process injection, registry modifications, and persistence mechanisms.

ProcmonRegshotPE StudioStatic Analysis+2

View case study

Development

Enterprise Inventory Management System

Full-Stack C# Application

Architected and developed a full-stack C# enterprise inventory system managing products, suppliers, purchase orders, and stock movements. Engineered automated logic for low-stock alerting and turnover reporting while ensuring robust data integrity.

C#CRUDUMLQA+1

View case study

Security Architecture

Healthcare Security Architecture & Defense

Zero Trust Implementation & Threat Mitigation (COMP50003)

Engineered and deployed a secure, Zero Trust network architecture prototype to mitigate vulnerabilities identified in a real-world healthcare ransomware case study. Implemented a full defense-in-depth strategy bridging enterprise compliance with hands-on technical controls.

Zero TrustSnortVeraCryptHIPAA+1

View case study

Network

Enterprise Network Architecture & Security

Multi-Site Infrastructure Simulation (COMP40002)

Designed and deployed a secure, multi-site enterprise network spanning a headquarters, R&D center, and branch office. Engineered the hybrid topology using Cisco Packet Tracer, focusing on high availability, secure segmentation, and optimized resource allocation.

Cisco Packet TracerVLAN / VLSMHSRPNAT/PAT+1

View case study

Threat Intelligence

Enterprise OSINT & Risk Analysis

Threat Modeling & NIST Framework Implementation

Conducted an authorized, passive open-source intelligence (OSINT) operation on a large-scale enterprise. Mapped external infrastructure vulnerabilities and translated technical findings into actionable business intelligence using quantitative risk modeling (ALE/SLE).

OSINTNIST CSFRisk ModelingDNSDumpster+1

View case study

Development

Tech Odyssey Gaming E-commerce

Full-Stack Vanilla JS Web Store (WDOS)

Developed a comprehensive e-commerce website for gaming products, featuring dynamic product catalogs, shopping cart functionality, and secure checkout processes. Implemented responsive design with a mobile-first approach and local storage for cart persistence.

HTML5CSS3Vanilla JSJSON+2

View case study

In Development

Personal Projects In Development

Ongoing security research, tooling, and personal builds currently under development. Check back soon.

bJ s $nuv9ab#-Z!

Verified credentials.

Professional certifications and completed learning paths — each with a direct verification link.

Cybersecurity

2 certs

Verified

THM Pre-Security

TryHackMe · 2024

Verify View

Verified

THM Learning Path

TryHackMe · 2024

Verify View

Programming & Web

3 certs

Verified

PCEP Python Prep

LinkedIn Learning · 2024

View

Verified

Learning Python

LinkedIn Learning · 2024

View

Verified

HTML Essentials

LinkedIn Learning · 2024

View

Professional Development

2 certs

Verified

PMI-ACP Prep

LinkedIn Learning · 2024

View

Verified

Time Management

LinkedIn Learning · 2024

View

AI

1 cert

Verified

Claude AI 101

Anthropic · 2024

View

5! 4 bbPDQ9 W66zMni

Let's work
together.

Open to internships, freelance engagements, and research collaborations in cybersecurity. Drop a message — I'll respond promptly.

Open to opportunities

GitHub

0day-Uzi

LinkedIn

uzman-badurdeen

Email

uzmanbad@gmail.com

TryHackMe

AbitLost

Credly

uzman-badurdeen

Name

Email

Message

0/2000

Send Message

© 2025 Uzman Badurdeen. All rights reserved.

Built with Claude · Next.js · 21st.dev