Dheeraj Balan

Cybersecurity Specialist

Offensive & Defensive Security: Pen Testing, Exploit Dev, Malware Analysis, and SOC/IR Practices. Skilled in Python, Bash, and low-level assembly on Linux. Passionate about building, breaking, and defending systems.

Focus: Web, Network, Mobile
Languages: Python, Bash, ASM
Linux: Shellcode & BOF
CTFs: Top 1% TryHackMe
Open to roles in Pen Testing, VAPT, Red Team Ops, SOC Analysis, and Threat Research.

About Me

I’m a junior cybersecurity professional with hands-on experience in both red team and blue team practices. On the offensive side, I’ve built and used tools like port scanners, sniffers, ARP spoofing and detection, IDOR checkers, brute forcers, and reconnaissance utilities. I’ve also written custom encrypted bind/reverse shells, shellcode for Linux, and explored malware techniques and exploit development including buffer overflows. On the defensive side, I’ve developed tools for ARP spoof detection, DDoS detection and blocking, log analysis, and incident investigation scripts. This blend of skills gives me a strong understanding of how attacks work and how to defend against them.

Skills & Tooling

Port Scanner
Custom TCP/UDP scanning and banner grabs in Python/Bash.
Netcat & Sockets
Pivoting, reverse/bind shells, and quick file transfer.
Shellcode (Linux ASM)
Custom reverse/bind shells and encoder/decoder stubs.
ARP Spoofing & Detect
Spoofing labs plus ARP anomaly detection scripts.
IDOR Checker
Parameter fuzzing and access control checks for APIs.
Network Sniffer
Packet capture, filtering, and simple flow summaries.
Network Scanner
Subnet discovery and service enumeration.
SQLi & Sensitive Data
Manual testing and payload crafting for common flaws.
Log Analyzer
Suspicious pattern detection and quick triage views.
Directory Listing & Recon
Content discovery and subdomain/domain busting.
Bruteforcer (Ethical)
Rate-limited wordlists, only for authorized tests.
Process/Self Injection
Research and lab simulations for education.
DDoS Defender
Rate detection and defensive patterns in lab environments.
DDoS (Lab Only)
Traffic generation in isolated, permitted labs for learning.

Defensive Highlights

Blue-team tools from my stack
ARP Spoof Detect
Catches table anomalies and alerts cleanly.
DDoS Defender
Identifies bursts and throttles in labs.
Network Sniffer
Monitors flows and filters suspicious traffic.
Log Analyzer
Spots patterns and highlights outliers fast.

Selected Projects

Multi-Mode Port & Network Scanner

Python/Bash

Fast TCP/UDP probing with banner grabs, CIDR sweep, and JSON summaries. Built for speed and clarity during engagements.

Scanning Enumeration Automation

Encrypted Reverse/Bind Shellcode

Assembly

Linux shellcode experiments with simple encoders/decoders and staged payloads for controlled lab use.

ASM Security Research

Web IDOR & Recon Suite

Python

Parameter discovery, access checks, and domain busting to quickly spot authorization gaps and hidden routes.

Web Recon Automation

ARP Spoof Detector & Sniffer

Python

Detects table anomalies and sniffs for suspicious flows; helpful for blue-team practice and demos.

Detection Networking

Experience

Junior Pen Tester — CodeSecure (Intern)
3 months

Web app testing, network assessments, and mobile testing. Found IDOR, SQL injection, sensitive data exposures, and directory listing issues. Worked both individually and in a team.

Web Pen Tester — Hackers For You (Intern)
3 months

Focus on web applications, recon, and validation of remediation steps. Coordinated reports and walkthroughs with stakeholders.

Independent Security Researcher
~2 years

Dedicated to CTFs, labs, and courses: TryHackMe top 1%, personal tooling, and practice in exploit/malware topics. Ready to bring this focus to a full-time role.

Bug Bounty & CTFs
Ongoing

Submitted multiple findings (some marked informational). Solved many labs and machines on TryHackMe; consistent top 1% performance.

Certifications & Courses

CompTIA Security+
Completion Certificate
CompTIA PenTest+
Completion Certificate
IBM QRadar Foundational
Verified
Threat Hunting Essentials
Completion Certificate
Splunk: Event Management
Completion Certificate
Splunk Security Analytics
Completion Certificate
Google: Network & Security
Completion Certificate

Contact

Reach out for roles, collaborations, or security testing engagements.

All security work is performed ethically and only with proper authorization.