Muhammed Kılıç

Muhammed Kılıç

Senior Software Engineer in Turkey


Software engineer willing to learn and create products.

Work Experience

2020 — Now
  • Implemented and shipped automated penetration attacks to production: MongoDB Injections(Blind, Boolean, Error based), Log4J, Spring4Shell, SQLite SQLi , XSS via file upload (SVG) and several out-of-date vulnerabilities.
  • Joined Agile/Scrum transformation workshop, so this let me be the scrum master of team.
  • Created GitHub Actions, DefectDojo, IBM JazzTeam, YouTrack, Azure Pipelines, and IBM UrbanCode integrations from zero for both Invicti Standard and Enterprise and also maintained other Invicti Integrations. Too many integrations require me to code in multiple languages and understand different applications' architectures in addition to reading documents.
  • Managing the development branching strategy, code review, and merge process for automated penetration attacks. I have released work for 6 months for security checks and enabled bi- weekly release. I understand the importance of a secure software development life cycle and have created a framework for our team.
  • Leading security check releases for Invicti Standard and Invicti Enterprise taught me about release and DevOps processes and communication with multiple teams for a single release.
  • Joined a voluntary task-force to deliver WCAG compatibility for Invicti Enterprise in a 2 month period in which I learned how to organize and distribute +1000 tasks among +15 developers.
  • Organized meetings with customers for escalated support issues or for integration requirements.
  • Being a member of the Invicti Culture Committee
  • Leading the DevRel guild and organizing bi-weekly tech talks, which introduced me to most of my colleagues in person.
2020 — 2020
  • Managed to deliver tasks to a team of five mobile application developers, which made me realize the importance of seeing the big picture during development processes. I do follow every task that relates to the product or my team.
  • Maintained the InCommerce API and several services such as payment, delivery, etc. for Watsons and B&G Store . I achieved a decrease in average API response time from 1 second to 300 milliseconds.
  • Implemented Bizim Toptan API from zero to production deployment.
  • Delivered payment and notification(email, sms) micro-services for Project Phantom. Managed production, stage, and QA deployments for Watsons, B&G Store, and Bizim Toptan. I resolved several production problems and increased my reaction time for customer-related issues.
  • Created a multi-database diagram to organize database modificator requests from customers for product owners. It is still in use, as my ex-colleagues say.
  • Started to learn and apply scrum methodologies.
  • Practiced technologies such as dotNET/Core, MsSQL, MySQL, Octopus, Azure, Jenkins, GitHub, Vagrant, and Docker.
2019 — 2020
  • Enabled communication of multi-brand and in-house DSRC devices.
  • Applied ETSI standards for Intelligent Transportation System communication. Developed GUI application with Java for vehicles and monitoring.
  • Developed On-Board-Unit and Road-Side-Unit applications for emergency vehicle, signal violation, roadwork and collision risk warnings.
  • Worked on management console as only software developer for Long Range Acoustic Device (LRAD) also known as ultrasonic cannon.
  • Contributed to design document of Turkish Military fingerprint project.



Go module for Turkish Banks.


GitHub Actions that searches for given keyword in your codebase path like console.log etc.

Side Projects

  • Implemented hybrid API architecture on Google Cloud.
  • Dockerized services developed with .NET 5 and Express.
  • Fixed bugs on React Native application.
  • Managed one backend/devops and one mobile application developer.
  • Delivered MVP to founder of Bulbunu.


2017 — 2017


Startup School Future Founders at Y Combinator
Stack Overflow