MD ASIF HOSSAIN

Accomplished Security Researcher with extensive experience at Yogosha and HackerOne, specialising in Threat & Vulnerability Management, Penetration Testing, and Cybersecurity. Demonstrated expertise in Digital Forensics, Ethical Hacking, and Security Incident Response. Proven track record as a Cyber Security Engineer at Jobmofy in Germany, excelling in Vulnerability Assessment and Penetration Testing (VAPT). Adept at problem-solving with strong communication skills. Committed to advancing cybersecurity measures and enhancing digital safety.

• Certified AppSec Practitioner (CAP), The SecOps Group, 7030396
• Web application Penetration Tester eXtreme, INE, 100003164
• Android Forensics with Belkasoft, Belkasoft

• Strong knowledge and hands-on experience with SSRF, IDOR, SQL Injection, XSS, and Privilege Escalation.
• Proficient in identifying and exploiting vulnerabilities in web applications and systems.
• Skilled in penetration testing, vulnerability assessment.

• Penetration Testing & Vulnerability Assessment.
  Hands-on experience with Metasploit, Burp Suite, and Nessus for identifying and exploiting security flaws.
• Active Directory Penetration Testing.
  Performed attacks such as Kerberoasting, Pass-the-Hash, and Golden Ticket using tools like BloodHound, CrackMapExec, and Impacket.
• Reconnaissance & OSINT.
  Utilized tools like Subfinder, Amass, Burp Suite, and various OSINT techniques to uncover sensitive and confidential information.
• Target Testing.
  Experience in security testing of Web Applications, Mobile Applications, Boot2Root machines, and OSINT-based targets.
• TryHackMe – Junior Penetration Tester Path.
• PortSwigger Web Security Academy – Lab Completion.
• Red Team & Blue Team Training (Self-Directed).

• Reported over 1,000 valid vulnerabilities across various platforms, demonstrating deep expertise in vulnerability discovery, impact analysis, and responsible disclosure.

Severity Breakdown:

• 🔴 Critical: 80 bugs (8%)
• 🟠 High: 174 bugs (17.4%)
• 🟡 Medium: 454 bugs (45.4%)
• 🔵 Low: 113 bugs (11.3%)

Recognized in Hall of Fame/Acknowledgments by:

• Google – Hall of Fame
• Microsoft – Hall of Fame
• ESET – Official Acknowledgment
• Nokia, Dev.to, Ellucian, Eur.nl, KNB.nl – Hall of Fame
• And many other private and public programs
• 4th Place – SUST CTF, showcasing skills in real-world exploitation and problem-solving under pressure.
• Contributed to strengthening the security of numerous global platforms through detailed technical reports, PoCs, and ongoing collaboration with security teams.

• Passionate about cybersecurity and continuous learning.
• Regularly reads books on cybersecurity topics.
• Writes engaging content on various platforms.
• Actively participates in solving CTF challenges to develop technical and analytical skills.

• Competed in various national-level CTF competitions, demonstrating strong problem-solving and technical skills.
• Regularly post cybersecurity-related write-ups on Medium.com
• Delivered two talks on cybersecurity topics at the university’s Cybersecurity Club, educating peers on practical and theoretical aspects of the field.
• Contributed to open-source cybersecurity tools and projects, supporting the community by enhancing security tools and sharing insights.

https://linkedin.com/in/0x0asif

https://hackerone.com/0x0_asif

https://bugcrowd.com/0x0asif

https://app.yogosha.com/r/0x0asif

https://medium.com/@0x0asif

Dr. A. H. M. Saifullah Sadi                                                                                                   
Professor, Department of Software Engineering
Faculty of Science and Information Technology
Daffodil International University
Email: sadi.swe@diu.edu.bd
Phone: 01795379956 

Md. Wahidur Rahman 

Assistant Professor, Department of CSE Uttara University

Email: mwrahman@uttarauniversity.edu.bd

Phone: +880 17 7920 8267