Open to Remote & Relocation

Masood Ur Rehman

Cybersecurity Engineer &
Penetration Tester

Offensive security professional specializing in penetration testing, vulnerability assessment, and Active Directory security. Leveraging a strong software engineering foundation to identify vulnerabilities and strengthen client defenses.

Explore Projects Get In Touch
guest@masood.engineer: ~
Initializing secure session to masood.engineer...
Session established. welcome guest user.
Type help for a list of available commands.

guest@masood.engineer:~$

01. About Me

I am an Offensive Security Engineer with a strong software engineering background, specializing in identifying, chaining, and mitigating vulnerabilities across web applications, network infrastructure, and Active Directory environments.

My security philosophy is rooted in a deep understanding of code. Having earned a Bachelor of Science in Software Engineering, I bridge the gap between building resilient systems and executing realistic attack simulations. I hold the prestigious HTB Certified Penetration Testing Specialist (CPTS) credential, demonstrating hands-on mastery of modern penetration testing methodologies.

Through my freelance consulting and independent research, I focus on executing comprehensive vulnerability assessments, designing secure coding practices, and auditing APIs. I continuously sharpen my skills in security labs, developing automation tools, and conducting local Active Directory attack simulations to remain ahead of modern threat actors.

Masood Ur Rehman

Cybersecurity Engineer & Pentester

  • Status Active Research
  • Certification HTB CPTS ↗
  • Location Pakistan (Remote)
  • Interests CTFs, Bug Bounty, OSINT

02. Technical Stack

Categorized technologies and tools I actively utilize for penetration testing, development, and audits.

Web App Pentesting Advanced
Active Directory Attacks Advanced
Privilege Escalation (Linux/Win) Advanced
Network Penetration Testing Advanced
API Security Testing Advanced
Binary Exploitation & Reverse Eng Intermediate
Metasploit & Burp Suite Expert
Wireshark & Nessus Advanced

03. Featured Works

A selection of security audits and software applications I have executed and built.

Web Security

Web Application Penetration Assessment

Conducted comprehensive web application penetration testing for enterprise-level clients, identifying vulnerabilities including authorization bypasses, injection flaws, IDORs, and cross-site scripting (XSS), and delivering professional threat mitigation reports.

  • OWASP Top 10
  • Burp Suite
  • API Pentesting
  • Remediation
Oct 2024 – Dec 2024 USA (Remote)
Network Security

Internal Network & Active Directory Audit

Conducted simulated cyber attacks on internal network infrastructure and Active Directory domains. Identified misconfigurations, weak permissions, and privilege escalation routes, enabling stakeholders to secure internal active systems.

  • Active Directory
  • BloodHound
  • Nmap
  • Privilege Escalation
Jul 2024 – Aug 2024 USA (Remote)
Mobile App Highlight

DeOldify - Colorize Old Photos

An Android utility application designed to restore color to classic black-and-white photos. Engineered using Flutter for cross-platform visual consistency, integrating deep learning colorization API backends, and achieving thousands of installations on the Google Play Store (Discontinued).

  • Flutter
  • Dart
  • AI Integration
  • Android SDK
Mobile Development Google Play Store ↗

04. Professional Timeline

My professional career milestones in software engineering and penetration testing.

Independent Security Researcher

Self-Employed
Jul 2025 – Present
  • Actively compete in HackTheBox and CTF challenges to sharpen offensive security, exploit development, and Active Directory attack methodologies.
  • Conduct independent vulnerability research and bug bounty hunting on public web applications and APIs.
  • Pursue advanced penetration testing techniques across web applications, external network layers, and Active Directory structures.

Freelance Cybersecurity Consultant & Software Engineer

Remote / International
Mar 2024 – Jun 2025
  • Conducted web application penetration tests and network security assessments for enterprise clients across the USA and Europe.
  • Identified and reported critical logical and system vulnerabilities (OWASP Top 10), directly mitigating the threat of major data breaches.
  • Delivered comprehensive, professional-grade security assessment findings and threat reports for each customer engagement.
  • Developed and deployed cross-platform mobile applications utilizing Flutter and Dart, integrating secure coding guidelines at all stages.
  • Tested backend architecture security on enterprise systems, assessing REST/GraphQL API endpoints and authorization controls.
  • Built a repeat-client base through direct professional referrals, establishing a reputation for high-quality, trusted delivery.

05. Certifications

HTB Certified Penetration Testing Specialist (CPTS)

HackTheBox

Active Certification
Verify Credential ↗

06. Education

Bachelor of Science in Software Engineering

Gomal University

Oct 2016 – Dec 2020

Pakistan

07. Contact

I am currently open to remote opportunities, bug bounty collaborations, penetration testing engagements, or full-time relocation offers. Let's build and secure together.

masoodbarkiwork@gmail.com
+92 349 892 4482
Pakistan (Open to Relocation)