About Me

Hi I am Shariq Malik :wave:,

A passionate Penetration Tester and Red Teamer with an insatiable curiosity for unraveling digital complexities. My days are spent delving into the intricate dance between attacker and defender, meticulously dissecting systems to expose vulnerabilities and strategizing ways to bolster defenses. Beyond the realm of cyber skirmishes, Iā€™m an ardent automation enthusiast, weaving code to automate tasks and free up mental bandwidth for more intricate puzzles. A fervent supporter of the open source community, I find joy in contributing to projects that empower and educate. Each day, I step into the digital battlefield armed not just with tools, but with a thirst for innovation, a drive for continuous learning, and a commitment to making the digital world a safer place.

Penetration Testing

Web Application Pentest

95%

Mobile Application Pentest

60%

API Security Assessment

70%

Network Infrastructure Pentest

80%

Cloud Security Assessment

10%

Red Teaming

Threat Modeling

50%

Adversary Simulation

80%

Social Engineering

90%

Exploit Development

70%

Post-Exploitation

85%

Programming Skills

Python

90%

PHP

65%

C#

50%

C++

50%

Soft Skills

Communication Skills

95%

Teamwork

90%

Leadership

90%

Problem Solving

90%

Lead Security Engineer, Ebryx LLC, Lahore, Pakistan

Full Time
2021 ā€” present

  • Web Application Pentest
  • Mobile Application Pentest
  • Internal/External Network Pentest
  • Red Teaming and Social Engineering campaigns
  • Develop Security Tools
  • Report writing and reviewing
  • Project Lead
  • Preparing Execution Plans
  • Preparing sizing for RFPs

Synack Red Team Member, Synack Red Team, USA

Part Time
2022 ā€” present

  • Identify vulnerabilities via assessments.
  • Test applications, networks, and platforms for flaws.
  • Collaborate with Synack's Red Team for insights.
  • Document and report vulnerabilities.
  • Enhance client security with actionable insights.
  • Stay updated on evolving cybersecurity trends.
  • Manage flexible part-time schedule.

Yogosha Bug Bounty Hunter, Yogosha, France

Part Time
2022 ā€” present

  • Conduct thorough security assessments.
  • Identify and analyze vulnerabilities.
  • Collaborate with Yogosha's security community.
  • Document and report security issues.
  • Enhance client cybersecurity strategies.
  • Stay current with cybersecurity trends.
  • Manage flexible part-time commitments.

Team Lead, Digital Forensics and Research Services Center (DFRSC), Lahore, Pakistan

Full Time
2016 ā€” 2021

  • Lead a team of 10 cybersecurity researchers.
  • Conducted penetration testing and vulnerability analysis.
  • Development of in house cybersecurity solutions.
  • Work as a focal person for important cybercrime investigations.
  • To suggest countermeasures and policies for compromised systems.