Languages, tools, and practices I use to build secure, scalable systems and perform hands-on testing.
Languages & Scripting
- Python — automation, security utilities, vulnerability scanning
- Java — secure backend development, role-based access control
- Bash — Linux hardening, system scripting
- HTML/CSS — secure form handling, frontend structure
Security Tools
- OWASP ZAP — automated vulnerability scanning
- Burp Suite — manual web app testing
- Wireshark — traffic inspection & protocol analysis
- SonarQube — static code analysis
- OpenVAS — network vulnerability assessment
Cloud & DevOps
- AWS / Azure — secure deployment, IAM roles, secrets management
- Docker — containerization with secure image practices
- GitHub Actions — CI/CD pipelines with security checks
Secure Practices
- OWASP Top 10 mitigations
- Input validation & error handling
- Encryption at rest & in transit
- Role-based access control
- Secrets management with environment variables & vaults
How I Work
- Security-first mindset from design to deployment
- Automation wherever possible
- Clean, maintainable code with defensive practices
- Hands-on testing and continuous learning
Security Workflow
Plan → Code → Test → Harden → Deploy → Monitor
This flow guides every project — from secure architecture to post-deployment auditing.