AM
Abram Magwai

Blazor, performance, and security consulting

.NET, Blazor, performance, and security

Secure, stabilize, and improve business-critical .NET applications.

I'm a .NET Full-Stack Web Engineer specializing in Blazor, ASP.NET Core, SQL Server, Azure, performance optimization, and application security. I help businesses fix slow systems, assess exposed web applications, close security gaps, and ship software that performs reliably in production.

Start your project Explore services

Backed by hands-on work across Black Magic Group, Scale Shore Consulting, ImaliBooks, and SuppTech Financial Services, plus Hack The Box Academy training with 95 targets compromised and a Top 10% ranking.

  • Production experience with Blazor, ASP.NET Core, SQL Server, Azure, Docker, and Linux
  • Proven work fixing SQL injection, user-role misconfiguration, and access control issues
  • Strong security coverage in XSS, broken authentication, IDOR, XXE, SSRF, SSTI, CSRF, and API attack paths

Security training

Security credibility built on both production work and structured offensive training.

My application security work is not only practical on live systems. It is also reinforced by dedicated Hack The Box Academy training focused on modern web exploitation and defensive thinking.

Hack The Box Academy

Top 10% ranking

Tracked progress with 95 compromised targets and strong module completion in web application security.

  • Cross-Site Scripting (XSS)
  • Broken Authentication
  • Web Attacks including IDOR and XXE

Advanced web security

Modern exploitation coverage

Training includes deeper web exploitation concepts that improve how I design and review production systems.

  • Server-Side Attacks including SSRF, SSTI, and SSI
  • Advanced XSS and CSRF Exploitation
  • Modern Web Exploitation Techniques

API and web assessment

Security-first engineering mindset

That training supports the way I build .NET systems by helping me think more clearly about exposure, abuse paths, and failure points.

  • Web Service and API Attacks
  • API Attacks aligned to OWASP API Security Top 10
  • Information Gathering and JavaScript Deobfuscation

Top services

Security and recovery services built for live .NET systems.

The strongest commercial fit is where a business already has a system in production and needs risk reduced quickly, weak spots identified clearly, and implementation handled by someone who can also fix the code.

01

Web application pentest

Assess web applications for the vulnerabilities that most often damage trust, expose data, or open the door to account abuse.

  • XSS, broken authentication, IDOR, XXE, and file inclusion review
  • Server-side attack coverage including SSRF, SSTI, and SSI
  • Clear findings with practical remediation direction
02

API and authentication security assessment

Review APIs, roles, sessions, and access-control logic to catch the security weaknesses that often slip into real business applications.

  • OWASP API Security-focused assessment
  • Authentication and authorization review
  • Support for SQL injection and unsafe input-handling remediation
03

Performance and production hardening

Improve the performance and resilience of production .NET systems after risk or bottlenecks have been identified.

  • Slow query, rendering, and backend bottleneck diagnosis
  • Safer releases across staging and production environments
  • Clean .NET remediation work rather than report-only consulting

Featured project

KnoxApp

A contract Blazor engagement delivered with a strong focus on performance, security, and production reliability.

At Scale Shore Consulting, I joined the KnoxApp project as a contract Blazor developer, enhanced the UI, shipped additional features, communicated directly with the client, handled bugs, and improved both performance and security across staging and production.

  • Improved load times and overall responsiveness in a live client-facing system
  • Managed staging and production environments to support stable releases
  • Implemented security improvements and handled urgent issues as they surfaced
Security Improved application security and faster response to urgent production issues
Performance Better load times, responsiveness, and day-to-day usability
Operations Reliable staging and production management for smoother delivery

Selected work

Experience across live business systems, not just isolated projects.

My background includes in-house and contract work across product delivery, application security, performance improvement, and production support.

Current role

Black Magic Group

Intermediate Software Developer working on tracking and asset management systems in production environments.

  • Fixed SQL injection and role misconfiguration vulnerabilities
  • Implemented Akka Streams to improve speed for truck event processing
  • Leading work on tracking and asset management applications

Blazor platform work

ImaliBooks

Full-stack Blazor development across frontend, backend, storage, and application security.

  • Built the site with Blazor and .NET Core Web API
  • Worked with Azure Blob Storage and .NET Identity roles
  • Implemented middleware, dependency injection, and production-ready security patterns

Earlier full-stack work

SuppTech Financial Services

Full-stack development work across MVC, React, SQL Server, Azure, and backend APIs.

  • Used .NET MVC for full-stack development
  • Built frontend work with React and backend APIs on .NET
  • Gained exposure to microservices, Docker, local stack workflows, and Jira-based team delivery

Why clients hire me

Built on real production responsibility, backed by continued security training.

My experience spans contractor and in-house delivery, production issue resolution, application hardening, cloud deployment, and performance work across real business systems, with Hack The Box Academy reinforcing the security side of that work.

I've worked as a .NET engineer across Black Magic Group, Scale Shore Consulting, ImaliBooks, and SuppTech Financial Services, building with Blazor, ASP.NET Core, SQL Server, Azure, MVC, and React while supporting live systems and business-critical delivery.

I also train in web application security through Hack The Box Academy, where I currently rank in the Top 10% with 95 compromised targets and completed modules across XSS, broken authentication, server-side attacks, API security, and modern web exploitation. That gives me a stronger and more defensive approach to building software.

References

People who can speak to my work.

These are contacts from businesses and projects where I have delivered real software work. They help add trust beyond what I say about myself.

ImaliBooks / SuppTech

Michael Otusanya

Can speak to my work across full-stack delivery and product execution.

[email protected]

Scale Shore Consulting

Joshua Asubiojo

Can speak to my contract Blazor work, client communication, and KnoxApp delivery.

[email protected]

KnoxApp

Joseph Gillam

Can speak to my work improving the KnoxApp platform across performance, bugs, and production support.

[email protected]

Contact

Need help with a slow, unstable, or insecure .NET application?

If your team needs a Blazor and .NET engineer who can improve performance, tighten security, and work effectively in production environments, send through the details and I'll get back to you with the next step.

An unhandled error has occurred. Reload 🗙

Rejoining the server...

Rejoin failed... trying again in seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please retry or reload the page.