Hi, I’m Nehal Zaman, a cybersecurity enthusiast and software engineer based in Bengaluru, India. I specialize in application security, penetration testing, and automation. With a strong background in web security, vulnerability research, and exploit development, I enjoy breaking and securing systems.

What I Do

• Work on security testing and vulnerability assessments.
• Develop automation tools to improve security workflows.
• Contribute to open-source security research.
• Play CTF competitions and solve real-world security challenges.

Projects & Research

I have worked on several security-focused projects, including:

• Get-crtsh – A tool for finding public assets using Certificate Transparency logs.
• Node.js Deserialization Payload Generator – Automates malicious payload creation for security testing.
• RCE Exploit for Clipbucket v4.0 – Demonstrates remote code execution on vulnerable servers.

I also publish security research and CTF write-ups on my blog and have contributed to Exploit-DB.

Certifications & Achievements

• ElearnSecurity Junior Penetration Tester (eJPT)
• Certified Appsec Pentester (CAPen)
• Certified Appsec Practitioner (CAP)
• Ranked Pro-Hacker on HackTheBox and #2 in PwnTillDawn India
• Hall of Fame mentions for reporting security vulnerabilities to multiple organizations

Let’s Connect

• GitHub: github.com/Nehal-Zaman
• LinkedIn: linkedin.com/in/n3hal
• Email: nehalcodes@gmail.com

I’m always open to discussions on cybersecurity, automation, and new research ideas! 🚀