About me

I am a self-taught Cybersecurity Professional and Google Cloud Certified Security Engineer, with expertise in offensive, defensive and cloud cybersecurity operations. My curiosity drives a creative approach to securing digital environments, where I apply my skills to translate complex concepts into actionable insights. Passionate about building security-aware systems and empowering teams, I strive to contribute to safer digital landscapes.

Beyond cybersecurity, I am a lifelong learner with interests in chess, music, philosophy, meditation, and reading diverse books. As an INTJ-T, I thrive on deep thinking and introspection, constantly seeking to expand my understanding of the world.

04+

Years of
Experience

06+

Years of
Self Learning

20+

Certifications
Earned

50+

CTF's
Participated

What I'm Doing

  • Freelance Security Services Icon

    Freelance Security Researcher

    Providing various security services including Article Writing, Vulnerable Lab Making, Training, Pentesting, and Vulnerability Assessments on a freelance basis.

  • Security Content Creation Icon

    Security Content Creation

    I conduct research on various security vulnerabilities and exploits, and I create blogs and vulnerable machines based on my findings to help new security professionals learn about different techniques.

  • Cybersecurity Learning Icon

    Self Learning

    Continuously learning and practicing both offensive and defensive techniques to grow as a hacker. Practicing both offensive and defensive techniques is going to give me both attacker's and defender's perspective.

  • Chess Strategy Icon

    Chess

    I am committed to mastering chess, as it is a game that has been shown to improve a wide range of soft skills, such as stress management, critical thinking, and problem-solving.

Certified by Leading Tech Companies

Google

Microsoft

IBM

ISC2

CompTIA

HackTheBox

AWS

Azure

GCP

GitHub

OCI

Freelance Services & Pricing

Get professional cybersecurity services tailored to your needs. Send your project details via the chat bubble, or click 'Hire Me' to get started or inquire via email to hire me full-time. The prices may vary depending on the scope of your project.

Web Application Penetration Testing

Standard+

Comprehensive security assessment of your web applications to identify and mitigate vulnerabilities.

Hire Me

Network Penetration Testing

Advanced+

Thorough evaluation of your network infrastructure to uncover security gaps and recommend improvements.

Hire Me

Vulnerability Assessment

Essential+

Identify, classify, and prioritize vulnerabilities in your systems and applications.

Hire Me

Hybrid & Multi-Cloud Services

Premium+

Get expert help with setting up, optimizing, and securing your cloud infrastructure across AWS, Azure, GCP, OCI, and more.

Hire Me

Digital Forensics & Incident Response

Rapid+

Investigation and response to security incidents, including evidence collection and root cause analysis.

Hire Me

DevSecOps & Server Administration

Enterprise+

Secure and optimize your DevOps pipeline with integrated security, automation, and server management for reliable, hardened infrastructure.

Hire Me

Latest Articles

Technology Stack

Linux

Advanced

Bash

Scripting

Python

Automation

PowerShell

Automation

Nmap

Network Scanning

Burp Suite

Web Security

Metasploit

Exploitation

Sliver Framework

C2 Framework

Wireshark

Network Analysis

AWS

Cloud Platform

Azure

Cloud Platform

GCP

Cloud Platform

OCI

Cloud Platform

Docker

Container Security

Kubernetes

Container Orchestration

Git

Version Control Tool

Vim

Text Editor

© 2025 Safwan Luban. All rights reserved.

Awareness

Enhancing Your Online Safety

Stay informed about essential cybersecurity practices to protect yourself and your digital assets. Each card below contains valuable information about common security threats and best practices.

© 2025 Safwan Luban. All rights reserved.

Resume

Experience

  1. Shorborno Holdings Ltd. - Offensive Security Engineer

    Nov 2025 - Present

  2. WeCare Education - Cyber Security Consultant

    Jan 2024 - Sep 2025

  3. GenCourse - Security Researcher

    Nov 2021 - Dec 2023

  4. Frontend Web developer

    2020

Education

  1. University of the People, USA

    Expected Graduation: Apr 2027

    Bachelor of Science in Computer Science

  2. Harvard University

    2022

    CS50 Course - Introduction to Computer Science

  3. Ethical Hacking, Cybersecurity and IT

    2021 - Present

    Self-Study

  4. Web Development

    2020

    Self-Study

Operating systems

  1. Linux

    Arch, Kali, Parrot, Blackarch, Amazon Linux, RHEL, Ubuntu, Debian, Fedora, Manjaro, Lubuntu

  2. Windows

    Windows 7, 10, 11

Technical languages

  1. C

  2. Python

  3. Java*

  4. SQL

  5. Bash

  6. PowerShell*

  7. HTML

  8. Markdown

Expertise

  1. Fundamental

    Strong base in computing, networking, and virtualization, aligned with certifications like CompTIA Security+, ISC2 CC, and CNSP. Skilled in Hyper-V, AWS, Azure, and GCP, with knowledge of ISMS frameworks and compliance through ISO/IEC 27001:2022 Lead Auditor.

  2. Offensive Security

    Hands-on experience in web app & network security, reconnaissance, exploitation, and privilege escalation, backed by CAP, APIsec Practitioner, CPTS, CWL Red Team Analyst, and CRTA. Practical knowledge in AD attacks and vulnerability assessments through HTB Pro Labs and CySA+ training.

  3. Defensive Security

    Proficient in threat frameworks (MITRE ATT&CK, Cyber Kill Chain, Diamond Model), SOC operations, SIEM/SOAR, and endpoint monitoring with tools like Splunk, Wazuh, and Sentinel. Experienced in traffic analysis, IDS/IPS, and DFIR workflows using Autopsy, Redline, KAPE, and Volatility. Certified through SC-200, Google Cybersecurity Professional, and THM SOC L1.

  4. Cloud Security

    Specialized in securing workloads across AWS, Azure, and GCP, validated by Google Professional Cloud Security Engineer, AWS Solutions Architect, and SC-200 certifications. Knowledgeable in compliance (ISO 27001, SOC 2, GDPR) and cloud-native security tools (GuardDuty, Sentinel, GCP SCC).

  5. DevSecOps & Automation

    Focused on container and pipeline security with Docker, Kubernetes, and GitHub Advanced Security. Experienced in CI/CD security, IaC with Terraform, and policy-as-code for secure multi-cloud deployments.

  6. Tools & Platforms

    Comfortable with a wide range of tools across offensive (Nmap, Burp Suite, Metasploit, BloodHound), defensive (Wireshark, Snort, Zeek, Splunk, Wazuh), DFIR (Autopsy, Volatility, KAPE), and cloud-native SIEM/EDR platforms. While tools are important, they can always be learned; what matters most is the underlying methodology, problem-solving mindset, and adaptability in applying them effectively.

Projects

  1. Architected C2 Redirector with Cloudflare

    Designed and implemented a stealthy command-and-control infrastructure leveraging Cloudflare's global network to mask traffic and evade detection.

  2. Developed Custom Kernel Modules for Untraceable C2

    Developed a proof-of-concept kernel module to demonstrate advanced persistence techniques at the deepest level of the Linux operating system.

  3. CVE-2023-22809 PoC

    A proof-of-concept exploit targeting CVE-2023-22809, demonstrating the vulnerability, impact, and potential attack vector in a safe and controlled environment for research and educational purposes.

  4. Reconnaissance & Scanning Tools

    Developed custom tools including a Subdomain Enumerator, Port Scanner, Web Crawler, XSS Scanner, Directory Buster, GitHub Scraper and API Fuzzer to automate discovery and vulnerability identification.

  5. File Integrity Monitor

    A monitoring tool that tracks and logs changes to files, directories, or system binaries to detect unauthorized modifications, malware injections, or insider threats.

  6. Honeypot

    Honeypot is a Python-based tool utilizing Scapy to detect and log port scanning activities on a network.

  7. Additional Projects

    A full portfolio of projects is available on my GitHub: github.com/Toothless5143

My Skills Summary

  • Web Application Penetration Testing
    60%
  • Network Penetration Testing
    80%
  • Cloud Security Engineering
    80%
  • Digital Forensics
    70%
  • Incident Response
    65%
  • Malware Analysis
    40%

© 2025 Safwan Luban. All rights reserved.

Certifications

Achievements

© 2025 Safwan Luban. All rights reserved.

Blogs

© 2025 Safwan Luban. All rights reserved.