name : Mohammed Yaseen N role : Cybersecurity Analyst (Fresher) · Python Developer education : BCA Honours in Computer Science Amrita Vishwa Vidyapeetham, Kochi | CGPA: 8.14 / 10 | Batch: 2024–2028 community : bi0s — CTF sessions & security research location : Trivandrum, Kerala, India
Cybersecurity undergraduate with a practitioner mindset — I understand attacks in order to build better defences. Hands-on with multi-VM lab environments, SIEM deployment, and Python-based security tooling. Active CTF competitor through the bi0s cybersecurity community at Amrita Vishwa Vidyapeetham.
Offensive Security
Penetration Testing
Metasploit Framework
Nmap Reconnaissance
Privilege Escalation
Post-Exploitation
Defensive Security
Wazuh SIEM
Suricata IDS/IPS
Log Analysis
Alert Triage
Threat Detection
Web & App Security
SQL Injection
XSS (Stored/Reflected)
DVWA
OWASP Top 10
Vulnerability Scanning
Cryptography
Hash Dumping
John the Ripper
Classical Ciphers
Password Analysis
Entropy Scoring
Languages
Security & Networking
Backend & Databases
Tooling & Infrastructure
🔐 Cybersecurity Home Lab — Multi-VM Offensive & Defensive Environment
Production-grade isolated penetration testing and threat detection laboratory built from the ground up on VirtualBox — simulating real-world attacker/defender scenarios across a host-only network.
| Stack | Kali Linux · Metasploitable 2 · Ubuntu (Wazuh SIEM) · Windows 7 · VirtualBox |
| Network | Host-only isolated topology — 4 VMs |
| Exploits | vsftpd 2.3.4 · UnrealIRCd 3.2.8.1 · Samba MS-RPC → full root shell on all |
| SIEM | Wazuh 4.7.5 + Suricata 8.0.5 — live alert monitoring across all nodes |
| Web Attacks | SQL Injection (UNION-based) · Stored & Reflected XSS via DVWA |
| Post-Exploitation | Password hash dumping · John the Ripper offline cracking |
Architecture: Kali (attacker) → Metasploitable 2 (primary target) → Ubuntu/Wazuh (detection) → Windows 7 (credential attacks). Documented as a formal penetration test report covering the full kill chain: recon → exploitation → post-exploitation → detection.
📊 AI Stock Risk Report Generator — Claude API Web App
Dark-themed single-page web app that generates AI-powered risk analysis reports for Indian equity and smallcap stocks using the Anthropic Claude API.
| Stack | HTML · CSS · JavaScript · Anthropic Claude API · Vercel Serverless |
| AI Model | Claude Sonnet via Anthropic API |
| Target | Indian equity market — NSE/BSE smallcap focus |
| Output | Structured JSON risk reports rendered as formatted HTML |
| Deployment | Vercel — live in production |
🔑 Password Strength Analyser — Python Security Utility
CLI tool that analyses passwords against entropy, length, character diversity, and common pattern heuristics — built during a remote internship at SkillCraft Technology.
| Stack | Python · Regex · String analysis · CLI |
| Coverage | Length · Character class diversity · Common pattern detection |
| Output | Colour-coded strength rating with actionable feedback |
Implements a weighted scoring model that penalises dictionary-adjacent patterns while rewarding true entropy.
🔒 Caesar Cipher Tool — Cryptographic Python Utility
Python implementation of the classical Caesar cipher with encryption, decryption, and brute-force key-space analysis mode.
| Stack | Python · Modular arithmetic · CLI |
| Features | Encrypt · Decrypt · Brute-force all 25 shifts |
| Context | SkillCraft Technology Remote Internship |
📱 Attendance Calculator — Native Android App (Kotlin)
Android app that calculates minimum attendance requirements and predicts percentage based on classes attended vs held.
| Stack | Kotlin · Android Studio · XML Layouts |
| Features | Minimum class calculator · Percentage tracker · Skip budget |
Cybersecurity Intern · SkillCraft Technology (Remote)
June 2024 – July 2024
- Engineered a password strength analyser in Python with weighted entropy scoring across multiple character class dimensions
- Developed a Caesar cipher tool with brute-force key analysis mode
- Applied modular code structure, CLI design, and security-first output handling
Python Cryptography CLI Development Security Tooling Linux
| Recognition | Details |
|---|---|
| 🏛️ bi0s CTF Community Member | Active participant in CTF competitions and security research workshops at Amrita Vishwa Vidyapeetham, Kochi |
| 🎓 CGPA 8.14 / 10 | Consistent academic performance across BCA Honours (Computer Science), Batch 2024–2028 |
| 🔐 Home Lab — Root on 3 CVEs | Achieved root shell access across vsftpd, UnrealIRCd, and Samba on isolated multi-VM lab environment |
| ☁️ Vercel Production Deployment | Shipped a Claude API-powered stock risk report generator to production with serverless CORS proxy |
| 📱 Android App — Shipped | Built and resolved adaptive icon conflicts on a native Kotlin attendance calculator app |
learning: - Advanced Metasploit post-exploitation modules - Wazuh SIEM rule authoring and alert correlation - Power BI for security dashboards (PL-300 path) - SQL for threat hunting and log analysis building: - Cybersecurity home lab formal pentest report (PDF) - Home lab architecture diagram for GitHub README - Local AI portfolio analyser — FastAPI + React + Groq + SQLite exploring: - TryHackMe CTF challenges (Web · Forensics · Privilege Escalation) - Cisco CyberOps Associate certification track - Google Data Analytics Certificate via Coursera
"Security is not a product, but a process — and I'm committed to mastering every layer of it."