About me

I'm Abu Hurayra — an application-security-driven SDET with deep expertise in automated testing, secure coding practices, and Linux administration. I'm based in Dhaka, Bangladesh.

Currently I lead the application security team at WPDeveloper (Startise.com). We're a 3-person team responsible for the security of products used by over 6 million people — including Essential Addons, Easy.jobs, xCloud.host, and Templately. My security research has been assigned 250+ CVEs to date.

Background

I started as a Junior Software Test Engineer in September 2021, earned a promotion ahead of schedule, and grew into application security over the following years. My path has always sat at the intersection of quality and security — understanding how software breaks, both accidentally and intentionally.

Alongside my role at WPDeveloper, I consulted for TechNet (UK, remote) on SQA and application security across several Laravel applications, and built a GitHub CI/CD deployment pipeline for their team.

Open source

I hold the Core Contributor and Test Contributor badges for WordPress. A recent highlight was contributing to the WordPress 6.8.3 Security Release (CVE-2025-58246). I also contribute to PHP documentation and help organise the Bangladesh Aspiring QA Community.

My WordPress.org profile: profiles.wordpress.org/hurayraiit

Skills

• Automation: Playwright, Cypress, Selenium
• Languages: JavaScript, TypeScript, Python, C/C++
• Security: OWASP Top 10, Burp Suite, secure code review, vulnerability analysis
• CI/CD & DevOps: GitHub Actions, Docker, Linux, n8n
• API Testing: Postman, custom automation scripts

Get in touch

Email: hello@hurayraiit.com
GitHub: HurayraIIT
LinkedIn: hurayraiit