Aftab Sama

[email protected] Aftab700 aftab-sama

Professional Experience

Tata Consultancy Services

Penetration Tester October 2023 - Present
  • Executed over 100 comprehensive Web, API, Mobile and Thick Client Application penetration tests on staging and production environments while adhering to OWASP, SANS, and PCI-DSS standards, ensuring data security and compliance
  • Led scope calls with clients for over 50 penetration testing assessments, ensuring alignment with client expectations and project objectives
  • Effectively communicated technical findings to non-technical stakeholders, facilitating a clear understanding of vulnerabilities and recommended actions
  • Conducted Configuration Level Vulnerability Assessments (CLVA) for AWS environments, enhancing cybersecurity resilience

Quick Heal

Security Researcher Intern April 2023 - September 2023
  • Created PoC exploits for RDP and SMB brute force attacks to test antivirus effectiveness
  • Developed a Python-based log collection tool that reduced manual data gathering time by 75% for the support team
  • Automated the IoC validation process, enabling the team to process 1000+ IoCs daily, a 10x increase in efficiency
  • Shadowed on malware cases to learn about the investigation process

KPMG

Security Analyst Intern January 2023 - April 2023
  • Created technical documentation and executive-level presentations to communicate assessment findings, risk impact, and remediation strategies to clients and internal stakeholders
  • Automated report generation from PDF to Excel using Python, saving the team an estimated 4 hours of manual work per week
  • Conducted vulnerability assessments and penetration testing on web applications

Certifications

  • Certified AppSec Pentesting eXpert (CAPenX) - The SecOps Group (September 2025)
  • Certified Network Pentester (CNPen) - The SecOps Group (January 2025)
  • Certified AppSec Pentester (CAPen) - The SecOps Group (January 2025)
  • Burp Suite Certified Practitioner (BSCP) - PortSwigger (May 2024)
  • Certified Ethical Hacker (CEH Practical) - EC-Council (September 2023)
  • Web Penetration Tester Path - HackTheBox

Achievements

  • NULL Bangalore Speaker
  • Ranked among the top 100 in TCS HackQuest Season 7 Capture the Flag competition, which led to an employment opportunity with TCS
  • Ranked among the top performers in a national CTF competition organized by the KPMG Cyber Security Team, leading to an internship opportunity with the Digital Trust-Cyber Defense Incident Response team
  • Hacker rank on HackTheBox
  • 5th place in WEC CTF 2024 - February 2024
  • Top 10 in the Wizer CTF event – February 2024
  • 8th place in Anveshanam CTF Organized by IIT Jammu - March 2023

Education

Rashtriya Raksha University

Bachelor of Technology in Computer Science and Engineering (With Specialization in Cyber Security) Jun 2019 - Jun 2023

Technical Skills

  • Languages: Python (Automation & Scripting) , Go, Bash
  • Penetration Testing: Linux, Windows, AD, Web, API, Mobile and Thick Client
  • Cloud: AWS, Docker
  • Standards & Frameworks: OWASP, SANS, PCI-DSS
  • Server hardening: Linux

Projects

Check out my Projects on my LinkedIn.