About Me

Posted on: July 24, 2024 | Reading time: 4 minutes | Word count: 739 words | Author: Dang Duong Minh Nhat

My Profile Picture

Welcome to my blog!

I’m Dang Duong Minh Nhat, a Computer Science graduate-to-be from HCMUT, with a strong interest in cybersecurity, especially cryptography. I enjoy exploring how systems work — and how they break — through both research and hands-on challenges. This blog is a space where I document what I learn, share projects, and connect with others who share the same passion.

Experiences

  • Red Team at HDBank (Oct 2025 – Present)

    • Threat modeling and architecture audit to identify attack surfaces and propose mitigations.
    • Internal penetration testing on UAT environments.
    • Tool integration and optimization to enhance pentest automation and reporting.
    • Development of a multi-agent AI framework capable of autonomously performing reconnaissance and exploitation workflows, emulating human pentesters.

  • Security Engineer at Casso (Sep 2025)

    • Researched and integrated banking APIs: reverse-engineered mobile banking apps, bypassed SSL pinning and root checks, automated workflows, and standardized secure data handling.

  • Intern at Kaspersky (Dec 2024 – Apr 2025)

    • Studied the workflow of a Security Operations Center (SOC): incident detection, alert triage, log analysis, SIEM concepts.

  • Intern at OPSWAT Software Vietnam LLC (May 2024 - July 2024)

  • Core Member of BKISC (Bach Khoa Information Security Club) (2022 - Present)

    • Specialized in Cryptography research and CTF challenges.
    • Contributed to security research and club activities.

  • Teaching Assistant for Discrete Structures Course (August 2023 - December 2023)

    • Assisted students with discrete mathematics, data structures, and graph theory.
    • Graded assignments and provided clarification on course materials.

Skills

  • English: TOEIC Certificate with a score of 775 (taken in August 2024).
  • Cryptography: Regularly practice on CryptoHack, ranked 151st globally and 21st in Vietnam (as of Oct. 22, 2024). Proficient in:
    • Symmetric Ciphers, RSA, Diffie-Hellman, Elliptic Curves, Hash Functions, Web Cryptography.
  • Windows Offensive Security: Understanding of low-level OS security architecture (PPL, Code Integrity, Object Manager), browser data manipulation, privilege escalation, stealthy in-memory execution, and protected process bypass.
  • Web Exploitation: Completed PortSwigger labs on Authentication, API Testing, SQL/NoSQL Injection, Business Logic, and Path Traversal.
  • Reverse: Android app analysis (APKTool, JADX, smali patching), SSL pinning & root detection bypass, traffic interception (Frida, Burp Suite, mitmproxy), binary/resource modification, APK re-signing.
  • Programming:
    • C/C++: Proficient in fundamentals, OOP, data structure and algorithms. Familiar with basic Windows API for red teaming, including syscall manipulation, API unhooking, and in-memory execution.
    • Python, Sage: Used for cryptography research and Capture the Flag (CTF) challenges.
    • HTML, CSS, JavaScript, PHP: Web development experience through online resources and personal projects.
  • Mathematics: Strong background in number theory and algorithms for cryptographic applications.
  • Version Control: Proficient in Git for project management and collaboration.
  • Soft Skills: Teamwork, Problem-Solving, Leadership, Responsibility, Multi-tasking.

Awards & Certifications

Personal Projects

  • Circheck: A static analysis tool for Circom source code, designed to detect security vulnerabilities in Zero-Knowledge Proof (ZKP) circuits written in the Circom language.

Connect with Me

Thank you for taking the time to learn about me. Connect with me on Facebook, LinkedIn, via email at dangduongminhnhat2003@gmail.com, GitHub, or by phone at +84 829 258 815 .

Personal  About me