I build secure full-stack applications and hunt vulnerabilities — bridging the gap between development and cybersecurity.
From Curious Builder to
Security-First Developer
It started with building things — then questioning how easily they could break. That shift from "does it work?" to "can it be exploited?" at UET Taxila reshaped my entire approach to software engineering.
Leadership & Campus Involvement
Alongside development and cybersecurity, I actively contribute to university communities through leadership, media production, teamwork, and student initiatives.
UET Media Club
Led media operations, coordinated event coverage, managed photography and creative production for university activities and events.
Wall of Hope — Taxila Chapter
Managed budgeting and coordinated fundraising activities focused on community support and welfare initiatives.
Quaid-e-Azam Debating Society
Participated in communication-focused activities, debates, and discussions to strengthen public speaking and critical thinking.
CompTech Society
Participated in technology-focused collaborative activities and technical learning events.
Skills & Technologies
The tools and techniques I use to secure, build, and ship production-grade applications.
Penetration Testing
Web application security testing, network reconnaissance, vulnerability assessment, and exploitation following OWASP and PTES methodologies.
Network Security & SIEM
Firewall configuration, IDS/IPS monitoring, traffic analysis, log correlation, and incident detection using enterprise security tools.
Frontend Development
Building responsive, accessible interfaces with modern JavaScript frameworks and CSS architecture. Performance optimization and cross-browser compatibility.
Backend & Database
Designing RESTful APIs, implementing authentication systems, building normalized database schemas, and applying server-side input validation.
DevSecOps & CI/CD
Integrating security into development pipelines — from code scanning and container security to automated testing and deployment.
Cloud & Infrastructure
Containerizing applications, configuring web servers, managing DNS, and working with cloud platforms for deployment and hosting.
Featured Projects
Real-world applications built with security-first architecture and engineering best practices.
.png)
SpectraOps
Full-stack cybersecurity operations platform featuring a real-time threat monitoring dashboard, vulnerability scanning interface, and security analytics with data visualization.
⚙️ Architecture: PHP/MySQL backend, vanilla JS frontend with dynamic chart rendering, REST API endpoints
.png)
University Management System
Multi-role university portal with role-based access control (Admin, Faculty, Student), course management, grade tracking, and attendance system.
⚙️ Architecture: PHP/MySQL with normalized schema, responsive admin dashboard, form validation
CyberQuiz Platform
Interactive security awareness quiz platform with timed challenges, score persistence, and a curated question bank covering OWASP Top 10, network security, and cryptography.
⚙️ Architecture: Vanilla JS with localStorage persistence, timer logic, dynamic question rendering
NexaGrowth Agency Website
Client-facing agency landing page built from scratch with responsive design, SEO optimization, analytics integration, and performance-tuned delivery.
⚙️ Architecture: Semantic HTML5, CSS Grid/Flexbox, vanilla JS, DNS configuration, hosting setup
Weather Dashboard
Real-time weather application consuming external REST APIs with geolocation, 5-day forecast rendering, and responsive data visualization.
⚙️ Architecture: Async JavaScript, fetch API, JSON parsing, dynamic DOM updates
Task Manager App
Full-featured task management application with CRUD operations, priority levels, due date tracking, and persistent data storage.
⚙️ Architecture: JavaScript with localStorage, DOM manipulation, event delegation, responsive UI
To-Do List App
Clean, minimal to-do list application with add, complete, and delete functionality. Features a polished UI with smooth animations and localStorage persistence.
AI Video Editing Portfolio
Professional video editing and creative media production for clients, featuring AI-enhanced visuals, motion graphics, cinematic edits, and branded content for digital campaigns.
⚙️ Tools: Premiere Pro, After Effects, CapCut, Runway ML, ElevenLabs, Canva
Cybersecurity Lab
Hands-on penetration testing, vulnerability assessment, and security research through TryHackMe rooms, CTF challenges, and real-world exploit analysis.
⚙️ Tools: Burp Suite, Nmap, Metasploit, Wireshark, Splunk, Linux
Experience
2026
AI Video Editor & Creative Media Specialist
Produced AI-enhanced video content and creative media for digital campaigns and branded projects. Leveraged generative AI tools — Runway ML, ElevenLabs, Google AI Studio, Grok Imagine, and ByteDance AI — alongside Adobe Premiere Pro, After Effects, and CapCut to create cinematic edits, AI-assisted visuals, and motion graphics. Designed thumbnails and marketing assets in Canva, optimized short-form content for social platforms, and built automation-enhanced editing pipelines to accelerate production workflows.
Present
Founder & Lead Developer
Built and deployed the agency website (nexagrowth.xyz) from scratch using semantic HTML, CSS Grid, and vanilla JavaScript. Implemented SEO optimization achieving 90+ Lighthouse scores. Managed DNS configuration, hosting setup, and SSL certificates. Developed responsive landing pages for clients with analytics integration and performance monitoring.
Web Development & Operations Intern
Contributed to frontend development tasks including responsive UI implementation and cross-browser compatibility testing. Assisted in website performance optimization, production deployment workflows, and debugging layout issues across devices. Gained hands-on experience with professional development workflows and version control practices.
Present
Freelance Full Stack Developer
Delivered 15+ client websites spanning e-commerce stores, portfolios, and business landing pages. Handled full project lifecycle: requirements gathering, UI/UX implementation, backend API development with PHP/MySQL, database schema design, deployment configuration, and post-launch maintenance. Implemented form validation, responsive layouts, and SEO best practices across all projects.
Cyber Tools
Try these security tools right here in your browser — built to demonstrate security concepts.
Email Breach Checker
Simulates checking if an email has appeared in known data breaches. Demonstrates how breach databases work.
Password Strength Analyzer
Analyzes password entropy, character diversity, and estimated brute-force crack time.
HTTP Header Security Check
Demonstrates which security headers a well-configured website should have to prevent common attacks.
Engineering Metrics
Numbers behind the work — measurable engineering output and continuous learning.
Latest Articles
Thoughts on cybersecurity, secure development, and the DevSecOps journey.
How Hackers Actually Think
It's not about the hoodie. Hackers see systems the way architects see buildings — they look for structural weaknesses.
Why Developers Ignore Security
It's not laziness. It's a system problem. And it's costing companies millions every year.
DevSecOps Simplified
Security shouldn't be an afterthought. Here's how to bake it into every stage of your CI/CD pipeline.
Certifications
Present
CompTIA PenTest+ Track CompTIA
Advanced penetration testing methodologies including planning and scoping, information gathering, vulnerability identification, exploitation, post-exploitation, and professional reporting. Currently preparing for certification exam.
Google Cybersecurity Professional Certificate Google
8-course specialization covering security frameworks (NIST CSF), SIEM tools (Splunk, Chronicle), incident response playbooks, Python automation for security tasks, Linux command-line operations, and network security fundamentals.
Verify on CourseraIBM Full Stack Software Developer IBM
Cloud-native full stack development covering React, Node.js, Express, microservices architecture, containerization with Docker, Kubernetes orchestration, and CI/CD pipeline implementation with DevOps practices.
Verify on Coursera2024
TryHackMe — Top Learner THM
200+ rooms completed covering web exploitation (XSS, SQLi, SSRF), privilege escalation (Linux & Windows), CTF challenges, OWASP Top 10 vulnerabilities, network enumeration, and Active Directory attacks.
View TryHackMe Profile2027
BS Computer Science
Core CS fundamentals including data structures & algorithms, operating systems, computer networks, database systems, software engineering, and cybersecurity coursework. Active in technical societies and CTF competitions.
Get in Touch
Looking for a security-conscious developer? Let's talk about your next project, internship opportunity, or collaboration.
Let's Build Something Secure
Whether you need a full-stack developer who thinks about security from day one, or a cybersecurity student eager to contribute to real-world projects — I'm ready.