Skip to content
View jojin1709's full-sized avatar
🎯
Focusing
🎯
Focusing
0 followers · 5 following
  • Thrissur
  • 01:03 (UTC -12:00)

Achievements

Achievement: Pull SharkAchievement: Quickdraw

Achievements

Achievement: Pull SharkAchievement: Quickdraw

Highlights

Block or report jojin1709

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
jojin1709/README.md

Jojin John

Security-Focused Full-Stack Developer | Web Application Security Researcher

India • LinkedInPortfolioEmail

Professional Summary

A security-focused developer specializing in full-stack engineering and offensive security research. Currently pursuing a BCA at the University of Calicut (2024–2028) and active as an independent security researcher on YesWeHack. Expert in the MERN stack with a focus on building secure architectures and testing them against modern exploitation techniques.

Technical Proficiencies

Security & Research

  • OWASP Top 10 Testing
  • API Security & Access Control Exploitation
  • Authentication & JWT Vulnerabilities
  • Reconnaissance & Asset Discovery
  • Tools: Burp Suite, Nmap, FFUF, Kali Linux Software Engineering
  • Languages: JavaScript (ES6+), Python, C++, PHP
  • Backend: Node.js, Express.js, RESTful APIs
  • Frontend: React, Tailwind CSS, HTML5/CSS3
  • DevOps: Docker, Git, GitHub Actions, Google Cloud Platform

Selected Projects

Secure MERN Authentication System Implementation of a robust authentication framework featuring RBAC, JWT-based sessions, and secure password management. OWASP Juice Shop Assessment A comprehensive security audit documenting vulnerability identification, exploitation, and structured mitigation recommendations. Reconnaissance Automation Python-based automation suite for subdomain enumeration and service discovery.

Independent Security Research

YesWeHack (2025 – Present)

  • Participating in responsible disclosure programs for various organizations.
  • Focusing on identifying sensitive data exposure and access control flaws in web applications.
  • Contributing structured vulnerability reports with clear proof-of-concepts and remediation steps.

GitHub Statistics

---
© 2025 Jojin John

Pinned Loading

  1. Personal-Portfolio-Website Personal-Portfolio-Website Public

    A modern portfolio website showcasing my work, designed from scratch with clean UI/UX and responsive layouts.

    TypeScript