Motivated cybersecurity specialist from Morocco, specializing in offensive security, penetration testing, and vulnerability hunting. Expert at uncovering and exploiting flaws in web apps, APIs, networks, and Active Directory setups, with a sharp attacker-mindset honed through 50+ bug bounty wins (like XSS on Tesla and RCE on RedBull assets, earning $15k+ and Paysafe Hall of Fame status). Hands-on freelance experience securing platforms for startups, plus advanced simulations in HTB Pro Labs and custom tooling in Python/Bash to automate real-world threats. Passionate about turning risks into growth, mentoring via my Medium blog (+1k followers, +90k views), and building secure futures one exploit at a time.
A reconnaissance lead uncovered a hidden misconfiguration that chained into a full exploit. Using my own exploit CVE-2025-30406, I escalated it to Remote Code Execution (RCE) on RedBull’s infrastructure.
My journey of discovering my first Remote Code Execution (RCE) vulnerability during a bug bounty hunt, detailing the technical approach and lessons learned.
By publishing malicious npm packages, I hijacked internal dependencies in a supply chain attack. This approach led to a successful Remote Code Execution (RCE) exploit.
Optimized Nmap scans on port 1883 revealed a vulnerable Mosquitto service. This discovery led to significant findings and bug bounty rewards during large-scope reconnaissance.
Fuzzing headers revealed an X-Forwarded-For bypass, granting access to an internal panel. This exposed sensitive Personally Identifiable Information (PII) of users.
A GET parameter misconfiguration allowed JavaScript injection across 130+ endpoints. Using tools like waymore and katana, I uncovered a critical XSS vulnerability.
Chaining an account takeover via password reset with Markdown injection, I achieved command execution to retrieve the flag in the Armaxix web challenge.
A low-severity self-XSS was transformed into a high-impact exploit through clever techniques, resulting in a critical XSS vulnerability with significant impact.
Python script for parallel Nmap port scanning on large scopes of subdomains, accelerating reconnaissance in penetration testing.
Bash script for monitoring host status, supporting add/remove/display/clean operations and unique IP counting for uptime tracking.
Collection of techniques and payloads for bypassing authentication in web apps, targeting login forms, headers, and logic flaws during pentesting.
HTML-based proof-of-concept demonstrating CSRF exploitation to upload files to a victim's account without their knowledge using session hijacking.
Shell script to parse browser history and bookmarks, extracting URLs with parameters and detecting sensitive data like tokens for OSINT and CTF use.
ProLabs: DANTE, ZEPHYR, POO on HackTheBox
INE Security
CyberWarFare
SECOPS
TCM Security