About

Muhammad Abdullah aka Hwat Sauce

Creative, passionate, and self-taught individual with a love for Offensive Security, Penetration Testing, Red Teaming, Reverse Engineering, CTFs and Little bit of Crypto. Willing to work with others in the hopes of learning new things and creatively providing solutions to complex problems and collaborating with them.

By day, I'm a coffee-fueled coder and nerd, hammering out lines of code like there's no tomorrow. But when the sun sets, the real fun begins. I don my virtual cape, pull on my digital gloves, and dive deep into the cyber-verse. I'm not just a hacker — I safeguard the digital landscape.

I dance through encryption like it's a rhythm game, always two steps ahead of the cyber crooks. Don't worry, though — I mostly focus on keeping things secure.

In this age of digital goldmines, I'm the silent protector, watching over your data while you sleep. If there's a breach to be patched or a botnet to be busted, you can count on me. So if you need a partner in code or just someone to talk shop about the latest infosec trends, I'm your go-to. Here's to being a keyboard ninja by night and a security enthusiast by day!

Skills

• Programming Languages: Python, C++, C#, Java, Bash, and Assembly.
• Tools & Frameworks: Docker, Metasploit, Burp Suite, Nessus, and Nmap.
• Platforms: Linux, Windows, AWS, GCP, Azure, and Cloudflare.
• Blogging: As a hobby, I periodically blog about cybersecurity. You can find my posts on Medium.

Experience

• Security Challenge Developer at Trustline (April 2024 - Present) [Remote]
• Cyber Security Analyst at NCCS - National Center Of Cybersecurity in collaboration with Cybericks (June 2024 - Sep 2024) [Hybrid]

Education

• Bachelor's in Cyber Security from Air University, Islamabad (2022 - 2026)

Certifications

• Certified in Cyber Security (CC)
• Certified ISO/IEC 27001 Information Security Associate
• INE Certified Cloud Associate (ICCA)
• INE Certified Jr. Penetration Tester (eJPT)
• Certified Network Security Practitioner (CNSP)
• Certified Red Team Analyst (CRTA)
• Certified Penetration Testing Specialist (CPTS)

HackTheBox Pro Labs:

What are Pro Labs?

Hack The Box Pro Labs are advanced, real-world penetration testing environments designed to simulate corporate networks. They offer multi-layered attack paths, Active Directory setups, and realistic scenarios for red teaming and cybersecurity skill development.

• Dante - Beginner

Dante Pro Lab offers a realistic environment with both Linux and Windows machines, focusing on network penetration testing. You'll sharpen skills in enumeration, exploit development, lateral movement, privilege escalation, and web attacks while practicing buffer overflows and Metasploit usage.

• P.O.O - Beginner

This lab focuses on Active Directory attacks, helping players master enumeration, lateral movement, privilege escalation, and situational awareness. It also builds strong skills in web application attacks and AD-specific enumeration techniques.

• Full House - Intermediate

In this Red Team Operator Level 1 lab, you'll gain hands-on experience in source code review, web and Windows exploitation, Active Directory attacks, reversing, blockchain exploitation, and AI bypass techniques.

• Zephyr - Intermediate

Zephyr Pro Lab focuses on real-world Active Directory exploitation, relay attacks, lateral movement, pivoting, and modern web attacks. You'll develop skills in enumeration, SQL attacks, password cracking, privilege escalation, and trust boundary crossing in a red team environment.

Achievements

• 4th Place at SofTech CTF'25 organized by Fast University Lahore, onsite (2025)
• 50th Global Rank at PicoCTF'25 organized by PicoCTF, online (2025)
• Top 50 at Black Hat MEA 2024 CTF Finalists organized by Flagyard, online (2024)
• 98th Global Rank at CSWA CTF Qualifiers 2024 organized by New York University, online (2024)
• 4th Place at AirTech CTF'24 organized by Air University Islamabad, onsite (2024)
• 5th Place at SofTech CTF'24 organized by Fast University Lahore, onsite (2024)
• 10th Place at Digital Pakistan Cyber Security Hackathon organized by MoITT and IGNITE, onsite in Islamabad (2023)
• 5th Place at CyberQuest CTF'23 organized by Sir Syed CASE Institute of Technology, onsite (2023)
• 4th Place at BlitzStorm CTF'23 organized by Blitzstorm, online (2024)
• 8th Place at NasCon'23 organized by FAST University Islamabad, onsite (2023)
• 4th Place at CyberStorm organized by Air University, onsite in Islamabad (2023)
• Ranked in the top 6% on TryHackMe, online (2022 - Present)

Projects

• Digital Wallet: Developed a C++ based digital wallet with streamlined fund transfer and transaction tracking functionalities.
• GUI Based Network Monitoring System: Designed a GUI Network Monitoring System using C# with user-friendly graphical interfaces for exploring network functionalities.
• Blockchain Implementation: Developed a Java-based blockchain with features like user authentication, transaction tracking, and dynamic coin rate fluctuation. This project was a collaborative effort with Muhammad Munib, Radeel Ahmed, and Husnain Tahir.
• 16 bit Instruction Set Architecture Simulator: This code provides a basic framework for simulating an ISA processor with a limited set of instructions and capabilities. It can be extended further to support additional instructions and features as needed.
• Bash Chat: The Bash Chat Application is a simple yet effective way to facilitate communication between users on a local network. Leveraging the power of Bash scripting and the networking capabilities of Netcat, this application allows users to chat with each other in a terminal environment.
• HeepHound: HeapHound is a Python-based tool built with my dear friend Muhammad Munib and Radeel Ahmed for analyzing Java heap dump files (.hprof) to extract sensitive data, assess risks, and generate forensic reports. It identifies credentials, tokens, and other artifacts using built-in heuristics, producing reports in JSON, HTML, and text formats. Ideal for security investigations, malware analysis, and incident response.
• NetEye: Net-Eye is an all-in-one Python-based network reconnaissance tool that detects live hosts, scans ports, grabs banners, resolves DNS, performs GeoIP lookups, and runs detailed Nmap scans. It also identifies known vulnerabilities based on discovered services, helping users assess and secure their networks effectively.

Additional Experiences

• Technical Secretary at Air University Cyber Security Society (Dec 2024 - Present)
• Director Developer at AirTech'25 CTF (May 2025)
• CTF Challenge Developer at Air University Cyber Security Society (Dec 2023 - Dec 2024)
• Member - Cyber Research Club at Air University Cyber Security Society (Feb 2024 - Dec 2024)
• Core Member - Awareness Club at Air University Cyber Security Society (Jan 2023 - June 2023)

Contact Me

• Email: abdullah.MnM@proton.me
• Twitter: @iabdullah_215
• LinkedIn: Muhammad Abdullah
• GitHub: iabdullah215
• Discord: n0tabdu11ah