Samson Obie

Cybersecurity Analyst, Ethical Hacker & Penetration Tester

Specialized in offensive security operations, ethical hacking, and vulnerability assessment. Proven track record of discovering and validating 30+ critical security vulnerabilities across web applications and enterprise networks.

About Me

Results-driven Cybersecurity Analyst specializing in penetration testing and security assessments for global organizations. I leverage industry-standard methodologies and tools to identify vulnerabilities, simulate real-world attack scenarios, and deliver comprehensive remediation strategies.

With expertise in OWASP Top 10 vulnerabilities, network security, and offensive security operations, I'm committed to helping organizations strengthen their security posture and mitigate cyber risk.

Professional Experience

Ethical Hacker / Penetration Tester

Commonwealth Bank

October 2024 - Present

  • Perform ethical hacking engagements across web applications and Windows-based environments using structured penetration testing methodology (reconnaissance, enumeration, exploitation, post-exploitation, and reporting)
  • Discovered and validated 30+ security vulnerabilities including broken authentication, access control flaws, insecure configuration, exposed services, and injection-related weaknesses
  • Simulated real-world attack paths using tools such as Burp Suite, Nmap, Metasploit, Wireshark, Nessus, SQLmap, BloodHound, Impacket, and John the Ripper
  • Conducted active attack simulations including Kerberoasting, Pass-the-Hash, credential dumping, and privilege escalation to demonstrate potential business impact
  • Produced professional penetration testing reports with severity ratings, proof-of-concept evidence, and detailed remediation recommendations
  • Provided actionable guidance to development and security teams, ensuring vulnerabilities are adequately addressed and documented

Cybersecurity & AI Outreach Specialist

International Association of Cybersecurity and AI Professionals

December 2025 - Present

  • Deliver cybersecurity awareness training programs to diverse audiences, educating stakeholders on password security best practices, phishing attack prevention, and social engineering threats
  • Conduct risk assessment presentations on AI-related vulnerabilities including algorithmic bias, data privacy concerns, and machine learning security implications
  • Collaborate with international teams to develop and execute global cybersecurity awareness campaigns aligned with industry frameworks (NIST, ISO 27001) and AI governance standards
  • Create educational content and training materials to promote a security-conscious culture across organizations and communities
  • Engage with stakeholders to strengthen understanding of emerging cyber threats and AI security challenges in the evolving digital landscape

Technical Skills

Penetration Testing

  • Web Application Testing
  • Network Penetration Testing
  • Vulnerability Assessment
  • Exploit Development
  • Social Engineering

Security Tools

  • Burp Suite & OWASP ZAP
  • Metasploit Framework
  • Nmap & Wireshark
  • Nessus & OpenVAS
  • SQLmap & Nikto

Attack Techniques

  • SQL Injection & XSS
  • Privilege Escalation
  • Pass-the-Hash
  • Kerberoasting
  • Credential Dumping

Operating Systems

  • Kali Linux
  • Windows Server
  • Ubuntu & Debian
  • Windows 10/11
  • VMware & VirtualBox

Featured Projects

Advanced Penetration Testing Lab

Designed and deployed an isolated virtualization environment simulating a corporate network. Executed comprehensive network enumeration and successfully exploited legacy services, demonstrating privilege escalation to root access.

Metasploit, Nmap, VMware, Kali Linux

Web Application Security Assessment

Performed black-box security testing on OWASP Juice Shop and DVWA. Successfully executed SQL Injection attacks, XSS exploitation, and demonstrated authentication bypass vulnerabilities with detailed remediation guidance.

Burp Suite, SQLmap, OWASP Top 10, XSS

Enterprise Network Hardening

Configured secure network topologies simulating enterprise environments. Implemented VLANs for traffic segmentation, applied granular ACLs, and configured port security to mitigate Layer 2 attacks.

Cisco, VLANs, ACLs, Network Security

Security Research & Bug Bounties

Active security researcher on bug bounty platforms, specializing in web application security vulnerabilities and responsible disclosure practices.

HIGH

CORS Misconfiguration Vulnerability

Bugcrowd | January 2026

Identified and responsibly disclosed Cross-Origin Resource Sharing (CORS) misconfiguration enabling unauthorized cross-domain data access. Vulnerability allowed attackers to bypass same-origin policy restrictions and exfiltrate sensitive user data from authenticated sessions.

Impact: Potential unauthorized access to user credentials and private information across domains

MEDIUM

Content Security Policy (CSP) Bypass

Bugcrowd | January 2026

Discovered Content Security Policy bypass vulnerability enabling execution of arbitrary JavaScript despite restrictive CSP headers. Successfully demonstrated XSS payload injection through misconfigured trusted sources, circumventing client-side security controls.

Impact: Enabled cross-site scripting attacks despite CSP protections, allowing potential session hijacking and data theft

Certifications

Introduction to Cybersecurity

Cisco Networking Academy

2024

Ethical Hacker

Cisco Networking Academy

2024

Networking Basics

Cisco Networking Academy

2024

Get In Touch

Open to remote opportunities and international collaborations. Let's discuss how I can help strengthen your organization's security posture.