Much. Trie Harnanto

Cybersecurity Enthusiast & Web Developer

Technology enthusiast with a passion for creating secure digital solutions. Always eager to learn and tackle new challenges in the ever-evolving world of technology.

Contact Me Learn More
Much. Trie Harnanto

About Me

6th semester Informatics student at ITENAS with a focus and interest in cybersecurity and web development. Experienced in both individual and team web projects, with a solid understanding of system and network security fundamentals.

Highly motivated with a passion for learning, detail-oriented, and always keeping up with the latest technological developments, especially in the fields of cybersecurity and modern web development.

Experience

Web Developer Intern

PT. Laskar Teknologi Mulia (CyberLabs)

  • Created & developed websites using Laravel and MySQL
  • Deployed web applications to servers
  • Collaborated with the team to complete assigned tasks

Internship Certificate

Internship Certificate
View Full Certificate

Education

Informatics

Institut Teknologi Nasional Bandung

2022 - Present

GPA: 3.56 / 4.00

Software Engineering

SMK Negeri 4 Padalarang

2019 - 2022

AVG. Score: 86

Certifications

BNSP

National Professional Certification Agency

3 Certificates

Programming Foundation

Professional certification in programming fundamentals

View

Junior Cybersecurity

Entry-level cybersecurity professional certification

View

Software Development

Professional certification in software development

View

CISCO

Networking Academy

5 Certificates

Introduction to Cybersecurity

Fundamental cybersecurity concepts and principles

View Validate

Network Defense

Network security and defense strategies

View Validate

Cyber Threat Management

Identifying and managing cyber threats

View Validate

Endpoint Security

Securing endpoints and devices

View Validate

Ethical Hacker

Ethical hacking and penetration testing

View Validate

Digitalent Kominfo

Ministry of Communication and Information Technology

1 Certificate

Junior SOC Analyst

Security Operations Center analyst training

View

Projects

🛡️ Defense

Server Security Hardening

Server Defense & Configuration

Completed

Comprehensive demonstration of building and hardening server security from scratch, implementing layered defense to protect against unauthorized access and common threats.

Project Type: Server Hardening
Context: Defense Implementation
OS Server: Linux Ubuntu
Primary Tools: SSH, Google Authenticator (MFA), UFW, Nginx, OpenSSL
Key Achievements:
  • Implemented Multi-Factor Authentication (MFA) on SSH to prevent unauthorized access
  • Secured web server deployment with Nginx and applied IP-based access restrictions
  • Deployed encrypted communication (HTTPS) to protect data traffic
  • Configured firewall to restrict incoming connections from authorized sources only
Watch Demo

GeneCare Security Case Study

DNA & Medical Data Protection

Completed

A comprehensive web security implementation report, designing and building layered defense systems for the fictional healthcare platform "GeneCare". This project focuses on protecting highly sensitive user data, such as genetic (DNA) and medical records, from various cyber threats.

Project Type: Web Application Security
Context: Final Exam Report
Case Study: Healthcare Platform "GeneCare"
Primary Technologies: PHP, HTTPS/TLS, AES-256 Encryption, Password Hashing, Prepared Statements, Doppler
Key Achievements:
  • Implemented AES-256 encryption for sensitive DNA and medical data in database
  • Secured authentication with Account Lockout, Captcha verification, and password hashing
  • Prevented SQL Injection attacks using Prepared Statements
  • Built secure registration system with input validation and strong password policies
  • Secured data transmission with HTTPS/TLS encryption
  • Implemented secure key management using external service (Doppler)
View Full Report

Under Development

More defense projects coming soon!

⚔️ Attack

SQL Injection Penetration Testing

Web Application Security

Completed

Comprehensive penetration testing documenting critical Time-Based Blind SQL Injection vulnerability on government domain endpoint.

Vulnerability Type: Time-Based Blind SQL Injection
Related CVE: CVE-2023-32315, CVE-2022-1388
CVSS Score: 9.8 (Critical)
Target Domain: Government (.mil.id)
Primary Tools: X-Ray, SQLMap
Key Achievements:
  • Database structure extraction
  • Sensitive data enumeration
  • Complete vulnerability documentation
View Full Report

Red Team Security Assessment

Web Application Security

Completed

Comprehensive red team assessment conducted during Network Security final exam simulation, involving exploitation of assigned web application to identify real security vulnerabilities.

Assessment Type: Red Team Security Assessment
Context: Final Exam Simulation
Target Application: Assigned Web Application
Primary Tools: Gobuster, Wappalyzer, GitHub, phpMyAdmin
Key Achievements:
  • Gained unauthorized database access
  • Discovered leaked .env file on GitHub
  • Performed database structure exfiltration
  • Documented vulnerabilities & provided mitigation
View Assessment Report

Under Development

More attack projects coming soon!

Contact

Email

mtrie.h@gmail.com

Instagram

@muchx3

LinkedIn

much-trie-harnanto

Location

West Bandung, West Java

Project Details