Hello, World

Welcome. I’m Abu Hurayra, and this is my personal blog.

I’ve been meaning to start one of these for a while. I spend a lot of time digging into security vulnerabilities, building test automation frameworks, and contributing to open source — and most of that work lives in GitHub repos, CVE advisories, and internal documentation that nobody else sees. This blog is my attempt to change that.

What to expect

I’ll write about things I actually work on:

• Application security — vulnerability research, CVE writeups, secure coding patterns, and lessons from auditing large WordPress codebases.
• Test automation — Playwright, Cypress, Selenium. What works, what doesn’t, and how to build frameworks that hold up over time.
• Linux and DevOps — the day-to-day tooling of running CI/CD pipelines, GitHub Actions, Docker, and n8n workflows.
• Open source — contributing to WordPress core, community building, and the Bangladesh QA community.

A bit about me

I’m the Lead Application Security Engineer at WPDeveloper, where I lead a small security team protecting products used by over 6 million people. My security research has resulted in 250+ CVE assignments. I also hold the Core Contributor and Test Contributor badges for WordPress.

If any of that sounds interesting, stick around. There’s more coming.

— Abu Hurayra