I am a cybersecurity student and junior web application security tester focused on manual web application testing, OWASP Top 10, authentication and access control issues, API security, and professional vulnerability reporting.

I recently passed the HTB CWES/CBBH exam and I am building my portfolio around practical web security assessments, structured writeups, and clean technical reporting.

• Web Application Security Testing
• OWASP Top 10
• Authentication & Session Management
• Access Control / IDOR
• XSS, SQLi, File Upload Issues
• API Security Testing
• Vulnerability Reporting & Remediation Guidance

• HTB Writeups: structured retired-machine writeups focused on methodology, exploitation, privilege escalation, and lessons learned.
• Sample Pentest Reports: professional-style vulnerability reports with impact, reproduction steps, evidence, and remediation.
• Security Tools: small Python tools built to support learning and practical testing.

I am looking for junior web application security testing opportunities, freelance security review work, and subcontractor support roles with security teams or agencies.

• LinkedIn: https://www.linkedin.com/in/bahran-bahrani/
• GitHub: https://github.com/farSec