About me

Breaking things to build better defenses.

I am Rana Uzair Ahmad, a cybersecurity student in my seventh semester at Air University, Islamabad. My focus sits at the intersection of offensive and defensive security: I enjoy taking systems apart to understand how they break, then using that insight to build stronger defenses and better tooling.

My hands-on path started early. During my internship at the National Cybercrime and Forensics Lab under the NCCS, I worked daily with SIEM platforms like Wazuh, Splunk, and Kibana, and built a custom C based agent for network scanning, log collection, and active response. Today I work as a penetration tester at ZeroxInnovation, assessing web applications and networks and translating findings into clear, prioritized remediation.

Outside of formal roles, I build. I have published 34 plus open source security tools, compete in CTFs on TryHackMe (Top 3 percent globally) and HackTheBox, and document what I learn so others can move faster. I am currently open to security internships and junior roles where I can keep growing alongside a strong team.

34+ Open Source Projects
Top 3% TryHackMe Global Rank
17 Certifications
2+ Yrs Hands-On Experience
The path so far

Experience & Education

A timeline of the roles, internships, and study that shaped how I work.

Penetration Tester

Apr 2025 - Present
ZeroxInnovation · Remote
  • Perform vulnerability assessments and penetration tests on client web applications and networks, mapping findings to OWASP Top 10 and MITRE ATT&CK.
  • Identify, validate, and safely demonstrate exploitable weaknesses, then prioritize them by business risk for remediation.
  • Deliver clear technical reports with reproduction steps, severity ratings, and actionable remediation guidance for both engineering and management audiences.
Burp SuiteMetasploitNmapSQLmapKali LinuxPython

Cybersecurity Intern, SOC & Security Tooling

Jun 2024 - Sep 2024
National Cybercrime & Forensics Lab, NCCS (Air University) · Islamabad, Pakistan
  • Operated and tuned SIEM platforms (Wazuh, Splunk, Kibana) to monitor, triage, and investigate security events across lab infrastructure.
  • Designed and built a custom C based endpoint agent for network scanning, log collection, and active response, extending the lab’s detection coverage.
  • Applied C, JavaScript, Python, and MySQL to automate data collection and reporting tasks during live security operations.
  • Gained hands-on exposure to incident response, threat detection, and digital forensics workflows.
WazuhSplunkKibanaCPythonMySQL

Independent Security Researcher & Open Source Developer

2023 - Present
Self-directed · Islamabad, Pakistan
  • Designed and published 34+ open source security tools spanning packet analysis, SSH hardening, reconnaissance, SIEM agents, and system auditing.
  • Compete in CTFs on TryHackMe (Top 3% globally) and HackTheBox, sharpening exploitation, forensics, and reverse engineering skills.
  • Document techniques and writeups to share knowledge with the security community.
PythonCBashScapyLinux

BS in Cyber Security

2023 - 2027 (Expected)
Air University, Islamabad
  • Seventh semester. Coursework: Network Security, Cryptography, Malware Analysis, Digital Forensics, Operating Systems, Secure Software Design.
  • Active member of the university cybersecurity community and CTF team.
Capabilities

Skills & Expertise

Penetration Testing 85%
Python & Security Automation 88%
Network Security & Monitoring 82%
SIEM & Threat Detection 80%
Linux & System Hardening 90%
Malware Analysis & Reverse Engineering 72%
Digital Forensics 75%
C / Low-Level Programming 78%

Offensive Security

Penetration TestingWeb Application SecurityNetwork Penetration TestingVulnerability AssessmentOSINT & ReconnaissanceExploit Development

Defensive Security

SOC OperationsSIEM (Wazuh, Splunk, ELK)Threat HuntingIncident ResponseThreat IntelligenceLog Analysis & Detection Engineering

Forensics & Malware

Digital Forensics (Autopsy, CSI Linux)Reverse Engineering (x64dbg)Malware AnalysisMemory & Disk ForensicsNetwork Forensics (Wireshark)

Programming & Scripting

PythonC / C++Bash & ShellJavaScriptPowerShellAssemblyRustSQL

Tools & Platforms

Burp SuiteMetasploitNmap & NessusSQLmap & OWASP ZAPWazuh / Splunk / KibanaGhidra & x64dbgGit & Docker

Operating Systems & Frameworks

Kali LinuxParrot OSUbuntu / DebianWindows InternalsMITRE ATT&CKOWASP Top 10NIST CSF
Credentials

Key Certifications

A few highlights from my certification stack.

See all on resume
Oct 2025

CompTIA PenTest+ (PT0-002)

CompTIA · Coursera Specialization

Dec 2025

Certified Cybersecurity Educator Professional (CCEP)

Red Team Leaders

Oct 2025

Cyber Threat Intelligence 101 (Foundation TIA)

arcX

Oct 2025

CSI Linux Certified Investigator (CSIL-CI)

CSI Linux

Oct 2024

Mastering Reverse Engineering & Malware Analysis (REMASM+)

OCSALY Academy · Udemy

2024

Cybercrime & Forensics Lab Internship

National Center for Cyber Security (NCCS), Air University

Hands-on

CTF & Competitions

Let us connect

Always open to discussing cybersecurity, collaborating on tools, or exploring opportunities.