CyberSingh

My expertise lies in conducting targeted penetration tests across various environments, including web applications, APIs, network infrastructure and more.

Title

Hi there 👋

I'm SinghCyber, a Security Researcher and aspiring Cybersecurity Specialist. I focus on realistic, goal-driven penetration tests across web applications, APIs, infrastructure, Active Directory environments and more.

I combine automation with manual tradecraft to find complex issues, validate real risk, and help teams harden their environments instead of chasing noise.

Present Status 🧭

🎯
Offensive Security
Deeper tradecraft, adversary simulation
✍️
Writing
Blogs, playbooks & test plans
📱
Kubernetes (K8s)
Cloud-native & container attack paths

Typing SVG

🔍 Focus: Realistic red-team style assessments 🌐 Web & API | 🖥 AD | ☁ Cloud 📚 Strong methodology, clear reporting

Projects 🚀

I build and maintain realistic labs to practice full kill-chains, not just single vulnerabilities.

Web Application Home Lab Active Directory Home Lab GOAD on VMware

Security Standards & Frameworks 🛡️

Engagements are mapped to well-known industry standards so findings connect directly to risk and controls.

OWASP Testing Guide (OTG) MITRE ATT&CK CWE SANS Top 25 CIS Benchmarks

Skills 🧠

Coverage from external surface to internal lateral movement, plus cloud and mobile.

Web Apps & APIs Infrastructure Gen AI App Testing Thick Client Apps System Build Reviews Mobile App Testing System Breakout Testing Cloud Config Reviews Email Phishing Testing GitHub Wireless

Knowledge ⚙️

Tooling changes, but the goal is the same: understand how a real attacker would pivot and persist, then help you close the gaps.

Show full offensive tooling stack (Burp, AD tools, cloud, mobile, privesc & more)
Burp Suite Metasploit Wireshark Bash Python Linux Git Debian Docker Kali Linux theHarvester Recon-ng Shodan Censys SpiderFoot Amass Sublist3r crt.sh Nmap masscan RustScan Netdiscover arp-scan Nessus Qualys Nuclei OWASP ZAP sqlmap Wappalyzer Nikto WFuzz ffuf DirBuster Dirsearch ParamSpider Arjun Exploit-DB searchsploit Hashcat John the Ripper Hydra Medusa CrackMapExec Responder Mimikatz Impacket BloodHound SharpHound PowerView PowerSploit Rubeus Kerberoast GetUserSPNs ADExplorer ADRecon SecretsDump Sliver Evilginx2 Linux Exploit Suggester LinPEAS WinPEAS GTFOBins tcpdump Gophish MobSF Frida APKTool Objection Pacu CloudSploit ScoutSuite Kube-bench Kube-hunter Radare2 SMBexec ntlmrelayx Tenable Qualys Ghidra

Certifications 🎓

OSCP PNPT CASA

GitHub Stats 👨‍💻

TheSinghSec's GitHub stats
GitHub Streak
Never give up. Never back down.

🌱 Constantly learning. Constantly breaking. Constantly improving.