shehnaz KHAN

As a passionate and detail-oriented Cyber Security Engineer, I specialize in penetration testing, security automation, and cyber recovery strategies. With hands-on experience in web app, network, and API testing, I’ve helped organizations proactively identify and mitigate vulnerabilities using tools like Burp Suite, Nessus, Nmap, and custom Python scripts.

Currently contributing at R.U.D.R.A Cybersecurity, I focus on automating VAPT processes and building scalable security workflows using n8n. My work includes custom vulnerability detection tools, asset discovery automation, and incident response—aligning directly with Cyber Recovery goals.

Highlights:

Conducted full-cycle penetration testing aligned with OWASP Top 10

Built Python tools for mass vulnerability scanning and threat analysis

Delivered talks at Google Dev Fest and Breach Force

CEH Certified + Google Cybersecurity Professional Certification

Founder of ETS Group — mentoring students in ethical hacking

I’m always open to connecting with fellow security professionals, collaborating on research, or exploring opportunities to help organizations build secure, resilient systems

Penetration Testing & VAPT: Strong experience conducting VAPT on web applications, APIs, and networks using OWASP Top 10 methodology.

Security Tools Proficiency: Skilled with tools like Burp Suite, Nessus, Nmap, Wireshark, Kali Linux, Hydra, Netcat, SQLmap, WPScan, and Nikto.

Security Automation: Built custom scripts and workflows using Python and n8n to automate VAPT, attack surface management, and security assessments.

Incident Response & Threat Analysis: Hands-on experience in detecting, analyzing, and mitigating threats during incidents.

Vulnerability Exploitation: Successfully exploited various vulnerabilities including XSS, RCE, SQL Injection, Privilege Escalation, and Prompt Injection.

Documentation & Reporting: Maintains thorough documentation of test plans, exit reports, and schedules.

Projects & Research: Developed tools and workflows like automated API testing scripts, Merlin C2 deployment, mass vulnerability scanning, and Khoj Security Tool.

Public Speaking & Community Involvement: Delivered talks at Breach Force and Google Dev Fest; founded ETS Group to teach cybersecurity practically.

B.E in Electronics and Telecommunication
Anjuman Islam Kalsekar Technical Campus (2020 – 2024)
CGPA: 8.52

Honors in Cyber Security and Ethical Hacking
Anjuman Islam Kalsekar Technical Campus (2022 – 2024)
CGPA: 8.31

Certifications:

EC-Council Certified Ethical Hacker (CEH)

Google Cybersecurity Professional Certificate (Coursera)

VAPT Internship Certification

Ethical Hackers Club Member: Actively participated in cybersecurity workshops and collaborative projects.