Shaik Ajmal is a Product Security Engineer with six years of hands-on experience securing web and product platforms across startups and scale-ups, currently at Groww. He blends offensive and defensive skillsets—having built intentionally vulnerable Django labs (pygoat) and contributed SSRF detection to the OWASP SecureTea project—bringing practical exploit knowledge to harden production systems. Past roles at Junglee Games and DeHaat sharpened his application security and incident-detection experience, while a GSoC project with OWASP highlights his open-source pedigree. A Python-focused InfoSec practitioner and CEH, he prefers tea over coffee and aims to be a versatile "jack of all trades" who can both break and build secure software.
6 years of coding experience
3 years of employment as a software developer
BTech - Bachelor of Technology Computer and Information Systems Security, BTech - Bachelor of Technology Computer and Information Systems Security at Vellore Institute of Technology
intentionally vuln web Application Security in django
Role in this project:
Backend Developer
Contributions:55 commits, 29 PRs, 2 pushes in 4 months
Contributions summary:Shaik contributed to the development of a web application designed to test web security vulnerabilities using the Django framework. Their work focused on creating and modifying templates and views to implement Cross-Site Scripting (XSS) and SQL Injection (SQLi) labs. They also added functionality for Broken Authentication and Insecure Deserialization vulnerabilities. The user's contributions involved creating HTML templates, CSS styling, JavaScript, and modifying Django models and URL configurations.
The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)
Role in this project:
Backend Developer & Security Engineer
Contributions:47 commits, 15 PRs, 8 comments in 4 months
Contributions summary:Shaik primarily focused on enhancing the security features of the project. They updated the `setup.py` file to use the `distro` module for OS detection, addressing deprecation issues. The user then fixed a bug related to an attribute not found in the `platform` module. Finally, they implemented SSRF (Server Side Request Forgery) detection within the server log monitoring module, adding the detection of potential SSRF attacks.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.