Open to security roles & freelance

Hi, I'm Foysal Hossen — focused on Cybersecurity.

Security Researcher & Penetration Tester

I do web app pentesting, bug bounty and CTF labs. Recon → exploitation → reporting.

See Selected Work Contact Me

Web App Pentest Bug Bounty Recon CTF Reporting OWASP Top 10

bash — portfolio.sh

Security Projects

OWASP Juice Shop — TryHackMe

Hands-on exploits from recon to report: XSS, IDOR, SQLi, SSRF, auth bypass. Each write‑up includes steps, impact and mitigations.

OWASPJuice ShopTHM

Read Write-up (Juice Shop)

Lightweight Recon Pipeline

Automated subdomain discovery, alive checks, dir fuzzing, tech fingerprinting & templated nuclei scans with screenshots.

subfinderhttpxffufnuclei

THM / HTB Write-ups

Selected challenges focusing on web exploitation, enumeration and privilege escalation. Clean notes and reproducible steps.

THMHTBLinux

Write-ups

Redacted Reports

A few accepted/acknowledged submissions with sensitive details removed. Includes CVSS scoring and remediation guidance.

Bug BountyCVSS

Skills

Web & App Security

OWASP Top 10, ASVS, auth/session testing
XSS, IDOR, SSRF, SQLi, file upload, access control

OWASPASVS

Recon & Enumeration

Subdomain discovery, HTTP probing, screenshots
Content discovery, parameter mining
Fingerprinting & service enumeration

subfinderamasshttpx

Toolkit — My Stack

OS & Environments
- Kali Linux — offensive security distro.
- Parrot OS — lightweight pentest/privacy distro.
- REMnux v7 — Linux for malware analysis/forensics.
- FLARE VM — Windows reverse‑engineering toolkit.
Network Scan & Enumeration
- Nmap / Zenmap — ports, services, NSE.
- netdiscover — ARP‑based host discovery.
- Angry IP Scanner — fast host/port sweeps.
- hping3 — TCP/UDP/ICMP packet crafter.
DNS & Attack Surface
- Amass, Subfinder, Sublist3r — subdomain enum.
- dnsrecon, host, nslookup, dig, whois — DNS records & ownership.
- wafw00f — WAF fingerprinting.
- fierce — DNS reconnaissance.
- DNSDumpster (dnsdumpster.com) — passive DNS OSINT.
OSINT & Fingerprinting
- theHarvester — emails, hosts, subdomains.
- Shodan.io, Netcraft — exposed services/tech stack.
- web-check.as93.net — HTTP/DNS/security checks.
- Wappalyzer (wappalyzer.com) — technology detection.
- Google dorking — advanced search operators.
HTTP Probing & Content Discovery
- httpx — probe alive hosts & titles/SSL.
- ffuf, gobuster, dirsearch — dirs/files/params fuzzing.
- nikto — web server misconfig scan.
- wpscan — WordPress enumeration/vulns.
- httrack, cewl — site mirror & custom wordlists.
Web Exploitation
- Burp Suite Pro — proxy, repeater, intruder.
- sqlmap — SQLi detection & DB takeover.
- nuclei — template‑based vuln checks.
Passwords & Wordlists
- Hydra, Medusa — online login bruteforce.
- John, Hashcat — offline hash cracking.
- crunch — generate wordlists.
- hash‑identifier — hash type detection.
Wireless
- aircrack‑ng — 802.11 capture/crack tools.
- wifite — automated Wi‑Fi attacks.
Frameworks, C2 & Payloads
- Metasploit (msfconsole, msfvenom) — exploits & payloads.
- Mythic — collaborative C2 framework.
- TheFatRat — payload generation.
- netcat — shells, relays & debugging.
Privilege Escalation & AD
- linPEAS / winPEAS — priv‑esc checks.
- BloodHound (hound) — Active Directory paths.
Phishing & Social
- Gophish — phishing campaigns.
- zphisher — credential phishing templates.
- PushNotify — notifications/alerts (ops support).
Traffic, RE & Forensics
- Wireshark — packet capture/analysis.
- Autopsy — disk & file forensics.
- PEview, PEstudio, CFF Explorer — PE inspection.
- HxD — hex editor for raw analysis.
- FakeNet‑NG (fakenet) — malware network sandbox.
- Cipher/Convert: CipherChef (CyberChef) — data transforms.

Tools & Workflow

Burp Suite, Nmap, ffuf, sqlmap, nuclei, Metasploit
Wireshark, dirsearch, wordlists
Linux basics, scripting helpers (Bash/Python)

BurpNmapffufnuclei

Reporting

Repro steps, impact, CVSS scoring
Mitigations and references
Clean write-ups with screenshots & PoCs

CVSSMarkdownScreenshots

Programming Languages

C/C++ — Intermediate
Python — Intermediate
JavaScript — Intermediate
Java — Basic

Reading ability: Comfortable reading most codebases and quickly understanding unfamiliar syntax.

Core Soft Skills

Communication & Leadership
Teamwork & Collaboration
Creativity & Innovation

Experience

Independent Security Researcher & Bug Bounty — 2025 — Present

Recon, exploitation and responsible disclosure for web applications.

CTF & Labs (THM / HTB) — 2024 — Present

Regular practice and write‑ups; focus on web exploitation and privilege escalation.

About

Foysal Hossen
Security Researcher & Penetration Tester

I focus on web application security: crisp recon, careful testing, and remediation‑driven reports. I like turning vague bug hints into reproducible PoCs with clear business impact and fixes.

Active on Bugcrowd • HTB • THM • PortSwigger Web Security Academy.

Highlights

OWASP‑aligned methodology (ASVS, testing guide)
Hands‑on labs and CTF write‑ups
Responsible disclosure mindset

Contact

Let's talk security

Email is best. Open to internships and freelance pentests.

0x0foysal@gmail.com LinkedIn GitHub TryHackMe Medium WhatsApp