SHAMVEEL KHAN

Cybersecurity Enthusiast

About Me

Shamveel Khan

I'm a Computer Science student at FAST Karachi with a strong focus on cybersecurity and secure systems design. I'm passionate about understanding how software and web applications can be exploited — and more importantly, how to defend them against real-world threats. My goal is to bridge the gap between development and security while continuously advancing my practical expertise.

I'm currently interning at Velton as a full-stack developer with a security-focused role, where I contribute to building robust and secure applications. My work involves ethical hacking, automated testing with Python, and structured reconnaissance workflows, allowing me to apply security principles directly to real-world projects.

I've also completed all PortSwigger labs covering XSS, authentication flaws, CSRF, and IDOR, gaining hands-on experience in discovering and exploiting web vulnerabilities. Recently, I successfully identified security issues in a FAST senior project, putting my offensive skills to the test in realistic scenarios.

Skills

JavaScript, React, C++ Game Dev, OpenCV, TypeScript, Tailwind CSS, Python, Web Security Testing, Ethical Hacking, Penetration Testing, Reconnaissance, Vulnerability Assessment

Experience & Projects

A collection of my work and personal projects

Internship @ Velton (Security-Focused Full Stack)
JAN 2026

Worked as a Full Stack Developer Intern with a strong emphasis on secure application development. Contributed to building and maintaining production-grade web applications while implementing secure authentication flows, input validation, and backend security best practices. Actively applied ethical hacking knowledge to identify potential vulnerabilities, strengthen system defenses, and improve overall application security.

JAN 2026

Authorization Hack – FAST Connect

Identified and exploited an authorization vulnerability in a FAST senior project (FAST Connect). The issue allowed unauthorized access to restricted resources due to improper access control checks. Conducted structured testing, demonstrated the impact responsibly, and highlighted remediation strategies to prevent privilege escalation and insecure direct object reference (IDOR) risks.

Done All PortSwigger labs on XSS, CSRF, IDOR, and Authentication
June 2026

I have successfully completed all PortSwigger Web Security Labs covering XSS (Cross-Site Scripting), CSRF (Cross-Site Request Forgery), Authentication vulnerabilities, and IDOR (Insecure Direct Object References). These labs strengthened my skills in vulnerability identification, exploitation, and mitigation, providing hands-on experience with real-world web application security scenarios.


Get In Touch

Connect with me on social media or send me a message