> INITIALIZING_PROFILE
Faiz Abdul Sukoor
Certified cybersecurity professional with 8 years of hands-on experience in penetration testing and vulnerability management. Proven track record in delivering successful projects across web and mobile application security, network security, cloud security, and vulnerability management. Passionate about protecting digital assets in an ever-evolving threat landscape.
The Operator Behind the Engagements
A certified cybersecurity professional turning adversarial thinking into defensible, enterprise-grade security.
Certified cybersecurity professional with 8 years of hands-on experience in penetration testing and vulnerability management. Proven track record in delivering successful projects across web and mobile application security, network security, cloud security, and vulnerability management. Passionate about protecting digital assets in an ever-evolving threat landscape.
B.Tech in Computer Science & Engineering
SCMS School of Engineering and Technology
Capabilities Across the Stack
Four disciplines, one cohesive offensive-to-defensive security practice.
Offensive Security
Adversarial testing across the full application and network stack.
Industry-Recognized Credentials
Eight certifications spanning offensive security, red teaming, and cloud.
OSCP+
Offensive Security Certified Professional
CISSP
Certified Information Systems Security Professional
CRTP
Certified Red Team Professional
eWPTX
Web Application Penetration Testing Extreme
MCRTA
Multi-Cloud Red Team Analyst
CEH
Certified Ethical Hacker
AZ-900
Microsoft Certified: Azure Fundamentals
AI-900
Microsoft Certified: Azure AI Fundamentals
Career Journey
Eight years of progressive offensive security roles at global consulting firms.
Engagements & Case Studies
Representative projects across penetration testing, red team, cloud, and automation.
Enterprise Web App Penetration Test
Full black-box and grey-box penetration test of a Fortune-500 financial services portal. Chained an SQL injection into authenticated data exfiltration and uncovered multiple IDOR flaws, delivering a prioritized remediation roadmap.
External Attack Surface Management
Mapped and continuously monitored the external digital footprint of a global enterprise. Surfaced shadow IT, expired certificates, and exposed services across thousands of assets using Bitsight, Xpanse, and Qualys.
Red Team Engagement
Simulated an advanced threat-actor intrusion against a banking client. Achieved domain compromise through spear-phishing, lateral movement, and credential harvesting while mapping every step to MITRE ATT&CK.
Azure & AWS Cloud Security Review
CIS-benchmark configuration review across a multi-subscription Azure tenant and AWS estate. Identified over-privileged identities, misconfigured IAM, weak logging, and publicly exposed storage.
Security Automation Framework
Built a Python and Power Automate pipeline integrating Nessus, Qualys, and Burp Suite APIs to auto-triage findings, deduplicate CVEs, and generate client-ready CVSS-scored reports.
Mobile Application Security Audit
OWASP MASVS assessment of an iOS and Android banking application. Reverse-engineered the build to expose hardcoded secrets, insecure storage, and bypassed certificate pinning at runtime.
Impact at a Glance
Let's Secure Something Together
Available for penetration testing engagements, security consulting, and red team exercises.