About me

Aspiring Cybersecurity Analyst | Cloud Computing Enthusiast
Portfolio: https://nasirsyed-portfolio.com/

πŸŽ“ Currently pursuing a B.S. in Computer Science with a focus on Cybersecurity at UNC Charlotte (Graduating May 2025). My expertise includes network security, cloud computing, and operating systems administration.

πŸ”’ Network Security & Compliance:
β€’ Certified in Computer Networks, Security, and Cybersecurity Compliance (NIST, ISO). Experienced in firewall configuration, access control, and vulnerability management.

☁️ Cloud Computing:
β€’ Experience with AWS, Azure, Google Cloud, Vultr, and EdgeUno. Proficient in deploying and managing virtual machines, cloud security, and resource allocation.

πŸ’» Programming:
β€’ Proficient in Python, C, C++, Java, JavaScript, TypeScript, Express.js, Node.js, HTML, CSS, Flask, Bootstrap, and Bash.

πŸ–₯️ Operating Systems:
β€’ Strong expertise in administering and securing both Windows and Linux environments, including user management, scripting for automation, and system monitoring.

πŸ› οΈ Tools & Databases:
β€’ Skilled in Wireshark for traffic analysis, GitHub for version control, MySQL and MongoDB for database management, and VSCode/Apache NetBeans for development.

I'm passionate about leveraging cloud technology to build secure, scalable systems and protect the digital world. Let’s connect if you share an interest in cybersecurity!

What I'm doing

  • design icon

    Full-Stack Web Development

    Developing web applications using modern frameworks like Express.js and Flask, integrating MongoDB for database management, and implementing user authentication, session management, and data authorization features.

  • Web development icon

    Cloud Infrastructure and Automation

    Managing and optimizing cloud infrastructure using platforms like AWS, Google Cloud, and Azure. Additionally, using tools like Ansible and Bash scripting for automation and maintaining private network environments, including deploying LXC containers.

  • mobile app icon

    Cybersecurity and Vulnerability Exploitation

    Working on identifying and exploiting vulnerabilities like CSRF, XSS, broken access control, and SQL injection, as well as performing network security tasks such as traffic analysis, DNS configuration, and secure network design.

Resume

Education

  1. University of North Carolina at Charlotte

    B.S. Computer Science, Cyber Security
    Awards: Dean's List, Fall 2023; Dean's List, Spring 2024
    Relevant courses: Data Structures & Algorithms; Computer Architecture; Operating Systems; Secure Programming & Penetration Testing; IT Infrastructure & Security; Network Based App Development; Information Security & Privacy

Experience

  1. Holy Joes LLC - IT Systems Administrator

    May 2020 β€” Present

    β€’ Deployed and managed Linux Containers (LXC) to isolate applications, achieving a 40% reduction in resource contention and ensuring scalable IT systems to support growing business operations.
    β€’ Managed IT infrastructure, including network configuration, maintenance, and troubleshooting, ensuring 98% system uptime and optimal performance.
    β€’ Implemented firewall rules and monitored network traffic to ensure secure connections while minimizing unnecessary resource usage.
    β€’ Developed 10+ custom Bash scripts to automate routine tasks, reducing manual intervention by 50% and improving operational efficiency.
    β€’ Configured DNS services and DNSSEC to enhance domain security and resolve customer-facing network issues effectively.

  2. Freelancer in Cloud Security

    May 2020 β€” Present

    β€’ Designed and built scalable, cloud-based applications, reducing server costs by 25% while maintaining high performance and reliability.
    β€’ Implemented robust security measures, including firewall configuration, SSL/TLS encryption, and DNSSEC, reducing vulnerabilities by 35% and ensuring secure client data handling.
    β€’ Developed and automated deployment workflows using Ansible and Bash scripting, improving operational efficiency by 30% and minimizing human error.
    β€’ Leveraged Linux systems for hosting and managing client websites, ensuring 99% uptime and seamless scalability for traffic spikes.
    β€’ Conducted XSS and CSRF vulnerability testing, implementing countermeasures to secure web applications against client-side attacks.

Projects

  1. Web Service & API Security - Security Engineer

    October 2024

    β€’ Monitored for malicious persistence mechanisms, such as web shells in server software components, and implemented detection and removal protocols to mitigate long-term threats.
    β€’ Performed network service discovery and file, directory, and account discovery analysis to uncover exposed resources and improve security configurations for hardened endpoints.
    β€’ Simulated Endpoint Denial of Service (DoS) scenarios to test system resilience and implemented rate-limiting and other preventative measures to mitigate such attacks.
    β€’ Conducted incident response exercises to evaluate the impact of potential attacks on APIs and web services, ensuring secure configurations to reduce exploit opportunities.

  2. Hacking WordPress - Cyber Security Penetration Tester

    October 2024

    β€’ Conducted reconnaissance through active vulnerability scanning and wordlist enumeration, identifying weaknesses in WordPress configurations and plugins.
    β€’ Exploited public-facing applications to gain unauthorized access, demonstrating expertise in application-layer attacks and penetration testing techniques.
    β€’ Established persistence by deploying and managing web shells on compromised servers, simulating real-world adversarial tactics for long-term access.
    β€’ Performed post-exploitation tasks, including executing commands via Unix shell scripting and maintaining control through web-based communication protocols.

  3. Session Security Exploitation & Mitigation Simulation - Cyber Security Analyst

    November 2024

    β€’ Exploited public-facing applications to gain unauthorized access, showcasing skills in identifying and leveraging application vulnerabilities for initial access.
    β€’ Compromised and used web session cookies to bypass authentication mechanisms, facilitating lateral movement and unauthorized access to secured resources.
    β€’ Employed defense evasion techniques by forging web credentials and using stolen session cookies to maintain access while avoiding detection.
    β€’ Simulated credential theft using network sniffing and web session hijacking, demonstrating proficiency in analyzing and exploiting session management vulnerabilities.

My Skills

  • Programming Languages
    • Python
    • JavaScript (Node.js, Express.js)
    • TypeScript
    • Flask
    • MongoDB
    • HTML/CSS
    • Bootstrap
    • SQL
    • Mongoose
    • Bash
  • Frameworks & Tools
    • MITRE ATT&CK Framework
    • XSStrike
    • Wireshark
    • Ansible
    • PowerShell
    • MySQL
    • GitHub
  • System Administration
    • Linux Administration
    • Firewall Configuration
    • Network Maintenance
    • DNS Configuration
    • Automation with Bash Scripting
    • Ansible Playbooks
  • Cloud Platforms
    • AWS
    • Google Cloud
    • Azure
    • Vultr
    • EdgeUno
  • Networking
    • Network Discovery
    • Packet Analysis
    • Subnetting
    • Secure Network Design
    • Traffic Filtering
    • Lateral Movement Prevention