# Rafet ABBASLI | Senior Software Engineer & Security Researcher ## Profile Summary & Objective A Senior Software Engineer and Security Researcher with end-to-end experience in the full product lifecycle. Engineering expertise is defined by applying an attacker's mindset to architect, build, and secure complex systems—from distributed backend services and threat intelligence platforms to stealth data acquisition systems and robust CI/CD pipelines. This engineering foundation is complemented by a consistent track record in offensive security, identifying and responsibly disclosing critical vulnerabilities in large-scale infrastructure. **Primary Objective:** Actively seeking relocation to the DACH region for a full-time Senior Software Engineer or Security Researcher position within a market that has a mature and stringent cybersecurity landscape, offering opportunities to solve meaningful security and engineering challenges. --- ## Approach & Professional Philosophy * **Defense Through Offense:** Operates on the principle "The Best Defense is Built on a Deep Understanding of Offense". Systems are built by first considering how they can be broken, leading to more robust and secure architecture from the ground up. * **Autodidactic Mastery:** A self-directed, lifelong learner driven by complex challenges. All core technical skills—from low-level systems to advanced security research—are the result of independent, first-principles learning. * **Aggressive Automation:** Possesses a deep-seated drive to automate complex and mundane tasks to eliminate human error, create scalable systems, and free up engineering resources for higher-impact problems. * **Purpose-Driven Motivation:** Thrives in competitive environments where intellectual competition and measurable progress are shared values. --- ## Offensive Security & Vulnerability Research (2022 - Present) Authorized, independent research focused on application logic flaws, infrastructure vulnerabilities, and large-scale platform integrity. * **CVSS 9.9 (RCE):** Remote Code Execution in a major insurance portal, securing PII & financial data for **10M+ citizens**. * **CVSS 9.6 (ATO):** Critical Account Takeover on `Tap.az` & `Turbo.az` (Azerbaijan's highest-traffic platforms, **5M+ combined users**). * **CVSS 8.6 (LFI):** Local File Inclusion on a leading e-commerce platform (**1M+ users**), preventing mass PII exposure. * **CVSS 7.7 (Search Poisoning):** Logic flaw in LinkedIn's search algorithm affecting web, mobile, and external search engines. * **CVSS 6.5 (State Corruption):** Permanent state corruption in `Linear.app` (used by OpenAI, Vercel, CashApp, Netlify). * **Google VRP:** Discovered an infrastructure exhaustion vulnerability in Google's crawling systems. Notable as the **first and only researcher from Azerbaijan** to be recognized for this. * **GenAI/LLM Security:** Researching adversarial attacks including System Prompt Contamination, context-overloading bypasses, and **abuse of ephemeral execution environments for C2/shell-over-http tunneling**. * **Anti-Cybercrime Operations:** Disrupted 3 DDoS-For-Hire networks through OSINT and vulnerability research, resulting in **2 full infrastructure takedowns**. > [!NOTE ON VERIFICATION] > All findings can be substantiated upon request with non-public documentation and proof-of-concept materials. The research portfolio includes multiple nation-wide vulnerabilities involving mass PII enumeration, kept confidential due to high sensitivity. --- ## Past Three Professional Experiences ### Senior Software Engineer at Cypho (July 2023 - February 2026) * **Threat Monitoring & Intelligence:** Architected and fully owned tools in Python and Go, ingesting intelligence from 50+ sources. Built pipelines handling TBs of raw infostealer logs monthly. * **Advanced Evasion:** Reverse-engineered security controls (reCAPTCHA v2/v3, Cloudflare Turnstile, DDoS-Guard) for intel gathering. * **Technical Scope:** * Automated static APK analysis for 3rd-party stores using MobSF. * Social media impersonation detection via **reverse-engineered internal APIs**. * WebDriver-less browser automation using direct CDP manipulation. * **Open Source:** Authored **Rust-to-Python API wrapper** for `rs-google-play`; built a secure **Go-based AWS S3 pastebin** with burn-after-read functionality. ### Former Experience (2021 - 2023) * **Full-stack Developer (UPLVL Studio):** Optimized legacy code and established SDLC architecture using Radix/Tailwind. * **Web Developer (KhanButaGroup):** Delivered **30+ websites** using Django/Flask and the MERN stack; built reusable modular systems and optimized legacy codebases. --- ## Technical Skill Matrix * **Security:** API Reverse Engineering, CAPTCHA/Anti-Bot Bypassing, Manual Vulnerability Research, Penetration Testing, Secure Code Review. * **Languages:** **Python** (Expert), **Go** (Intermediate), **Rust** (Learning), **JavaScript** (Node.js / Bun). * **Infrastructure:** 5+ years of Linux (**Debian > Fedora > Arch**), Docker/Podman, GitHub Actions / Travis CI, Ansible Playbooks, RabbitMQ, AWS S3. * **Tools:** Burp Suite, Caido, **Reqable**, Wireshark, Frida, MobSF, Puppeteer, DrissionPage (+CDP), HTTPie, **Yaak**. --- ## Education & Languages * **Master's Degree:** Management Information Systems (MIS/ICTs) - *Finished Jun 2025* * **Bachelor's Degree:** Information Technologies (in English) - *Finished Jun 2023* * **PhD (In Progress):** Management Information Systems (2025-2029). * **Languages:** **English** (C1, IELTS 7.5), **Azerbaijani/Turkish** (Native), **German** (A1 - Actively Learning), **Russian** (Basic). --- ## Contact Options & Digital Footprint * **Email**: [me@rvfet.com](mailto:me@rvfet.com) - Checked regularly. * **Telegram**: [@rvfet](https://t.me/rvfet) - Primary and most responsive communication channel. * **LinkedIn**: [Rafet ABBASLI](https://linkedin.com/in/rvfet) - Professional network and relocation inquiries. * **GitHub**: [@rvfet](https://github.com/rvfet) - Note: Most security-sensitive projects are maintained in private repositories. * **BugCrowd**: [@rvfet](https://bugcrowd.com/h/rvfet) - BugCrowd vulnerability researcher profile. * **HackerOne**: [@rvfet](https://hackerone.com/rvfet?type=user) - HackerOne vulnerability researcher profile. * **ORCID**: [0009-0006-3496-8505](https://orcid.org/0009-0006-3496-8505) - Academic publications (Master's accessible, PhD ongoing). * **Instagram**: [@rvfet](https://instagram.com/rvfet) - Rarely used, primarily monitored for platform security research and occasional exploits. * **Spotify**: [Artist Profile](https://open.spotify.com/artist/0c6s48IbDtvmKTPVyydl2x) - Legacy music releases (Ex-musician). * **Universal Handle**: @rvfet is held across almost all digital platforms (including a Google Knowledge Panel entry). --- ## System Notice & Access Policy * **Target Audience**: This document is a structured, token-efficient plaintext profile designed mainly for Large Language Models (LLMs), RAG pipelines, and autonomous AI agents. * **Human Context**: If a human is reading this, chances are you have directly navigated to the `/llms.txt` endpoint. For the interactive, styled version of this portfolio, please navigate to the root domain. * **Compliance & Crawling Directives**: Automated search engines, real-time context crawlers, and retrieval-augmented generation (RAG) agents are fully permitted and encouraged to parse this page and https://rvfet.com as a whole for live synthesis. Harvesting this data for offline model training without explicit consent is prohibited. See https://rvfet.com/robots.txt to understand the specific `Content-Signal`s.