How I Started My Career in Cyber Security

Security Engineer Portfolio | QA Automation to AppSec Transition

Hello Folks!

Thank you for visiting my blog. Let me take you through my journey into cybersecurity, from curiosity-driven tinkerer to a certified professional blending QA and AppSec.

Phase 1: The Foundation

I began my IT career with a Bachelor’s degree in Computer Applications, followed by a part-time Master’s degree while working as an Automation Tester at a service-based company. Growing up, I was fascinated by how systems work, whether reverse-engineering gadgets, analyzing code, or obsessing over Batman’s tech (yes, I’m a lifelong fan!).

My cybersecurity journey started during my bachelor’s program with a Phishing Detection Application project. Using open-source tools from GitHub, I built a system to detect malicious emails and spoofed websites. This project sparked my passion for ethical hacking, though I soon realized it’s less about Hollywood-style exploits and more about methodical problem-solving.

Phase 2: The Udemy Experiment

A friend gifted me a Udemy course, Ethical Hacking from Scratch by Zaid Sabih. While it introduced basics like information gathering, scanning, and gaining access, I struggled to grasp the "why" behind attacks. Completing the course left me with a certificate but little practical knowledge, a humbling lesson in the importance of foundational learning.

  • 📡 Information Gathering
  • 🔍 Network Scanning
  • 🔧 Nmap Advanced Enumeration
  • 📦 Wireshark Packet Analysis
  • 💣 Metasploit Framework
  • 🕸️ Web App Testing (WAPT)
  • 🔓 Access Exploitation

Phase 3: TryHackMe & Practical Awakening

My breakthrough came with TryHackMe. Here, I learned the fundamentals of networking, tools like Nmap, and web app hacking via the OWASP Top 10. Solving machines taught me to research services, abuse misconfigurations, and chain vulnerabilities, skills I now use daily as a Software Quality Engineer at Infosys.

Mastered through 100+ labs:

  • 🚩 Pentesting Principles
  • 🐧 Linux System Mastery
  • 🔗 Network Fundamentals
  • 🛡️ OWASP Top 10 Vulnerabilities
  • 📡 Nmap Advanced Techniques
  • 💥 EternalBlue Exploitation

Where I Am Now

Today, I hold certifications like CompTIA Security+ and CEH v12, and I’m preparing for the OSCP. At Infosys, I merge QA automation (Java/Selenium) with security testing, focusing on:

  • Identifying OWASP Top 10 vulnerabilities in web apps/APIs.
  • Securing legacy systems (Mainframe, Oracle JDBC) for GDPR/HIPAA compliance.
  • Automating security checks in CI/CD pipelines using tools like Burp Suite.
  • 🔐 Certifications: Security+ | CEH v12
  • ⚙️ Tools: Burp Suite | Metasploit | Selenium
  • 📚 Specialties: Web App Security | Legacy System Hardening

Final Thoughts

Cybersecurity is a journey of continuous learning. Whether you’re starting with TryHackMe or transitioning from QA like me, persistence and curiosity are key. If you’re passionate about ethical hacking, AppSec, or Batman’s tech, let’s connect!
