root0x7/README.md

🧑🏿‍💻 About me

I am a Cybersecurity Specialist with strong expertise in Application Security and Security Operations (SOC). Since 2020, I have been actively involved in software development and penetration testing, building secure applications, analyzing threats, and responding to incidents.

As an Application Security Engineer, I focus on identifying vulnerabilities in source code, securing web applications, and integrating security into CI/CD pipelines. My experience includes secure code reviews, threat modeling, SAST/DAST tools, and container security.

As a SOC Analyst, I specialize in incident response, threat hunting, memory and malware analysis, and SIEM log correlation. I have hands-on experience with malware analysis and with tools like Volatility, Wireshark, ELK, Wazuh, and Splunk, and I actively use the MITRE ATT&CK framework to map adversary techniques.

With a dual background in software engineering and security operations, I bring a holistic approach to protecting systems – from writing secure code to defending against advanced cyber threats.

Security Researcher xinux.uz

🛡️ Security Skills

🔹 Application Security Engineer

Secure Code Review – Identifying vulnerabilities in PHP, Python, and JavaScript/Node.js

Web Application Penetration Testing – XSS, SQLi, CSRF, IDOR, SSRF, RCE, File Upload attacks and other attacks

Threat Modeling & Secure Design – Based on OWASP ASVS, OWASP Top 10, CWE/SANS Top 25

SAST & DAST – Hands-on with SonarQube, Semgrep, Burp Suite, OWASP ZAP, Nikto and other tools

Dependency & Supply Chain Security – Securing Composer, NPM, and Pip packages

🔹 SOC Analyst

SIEM & Log Analysis – Skilled in Splunk, ELK, Wazuh, Graylog for log correlation and threat hunting

Incident Response (IR) – Experienced in Triage, Containment, Eradication, and Recovery processes

Malware Analysis – Static and dynamic analysis (strings, YARA, Volatility, Wireshark)

Memory Forensics – Detecting credential dumping and process injection with Volatility3, Rekall

Network Traffic Analysis – PCAP investigation, writing Suricata/Zeek IDS rules

Endpoint Security – Creating Sysmon rules and analyzing EDR logs

Threat Intelligence – Working with IOCs, YARA rules, Sigma rules, and MISP integrations

MITRE ATT&CK Mapping – Tracking adversary TTPs and correlating attack scenarios

💻 Tech Stack:

C, C++, HTML5, JavaScript, PHP, Python, Bash Script, Flask, Laravel, Livewire, WordPress, Apache, Nginx

Popular repositories

  1. decPEAS Public

    Linux persistence detector

    Shell 5

  2. phpTeleBot Public

    PHP 1

  3. wso-webshell Public

    Forked from yousssef201/wso-webshell

    🕹 wso php webshell

    PHP

  4. php-form-builder Public

    php form builder

    PHP

  5. mcrest Public

    PHP

  6. password-generator Public

    password generator