Digital Infrastructure student specializing in Cybersecurity at ISTA SYBA. Passionate about offensive security, penetration testing, and vulnerability research. Active bug bounty hunter on HackerOne and Bugcrowd platforms.
I'm a dedicated cybersecurity professional currently studying Digital Infrastructure with a specialization in Cybersecurity at ISTA Sidi Youssef Ben Ali (SYBA) in Marrakech, Morocco.
My passion lies in offensive security, where I actively hunt for vulnerabilities on platforms like HackerOne and Bugcrowd. I thrive on solving complex security challenges and continuously expanding my knowledge in penetration testing, vulnerability assessment, and security research.
Focused on identifying and mitigating security vulnerabilities before they can be exploited in real-world scenarios.
Proficient in multiple programming languages, security tools, and frameworks for comprehensive security assessments.
Vulnerability assessment, exploitation, web and infrastructure audits, bug bounty hunting on HackerOne and Bugcrowd, incident response, and digital forensics
Nmap, Nessus, Nikto, Nuclei, Google Dorking, theHarvester, SpiderFoot, recon-ng, subfinder, Maltego, Shodan
Burp Suite, OWASP ZAP, HTML, CSS, JavaScript, PHP, MySQL, MongoDB, Node.js
Network design, network security, TCP/IP, routing, switching, Wireshark, CCNA concepts
Windows Server, Active Directory, Linux (Debian, Kali), user management, permissions, deployment
VMware, VirtualBox, Proxmox, VMware ESXi, Hyper-V, Docker
Python, Bash, PowerShell, JavaScript, C
Flutter for cross-platform mobile application development
HackerOne & Bugcrowd
Conducting vulnerability research on various platforms and programs. Writing detailed technical reports and communicating with security teams for validation and remediation of security flaws.
ISTA Sidi Youssef Ben Ali (SYBA)
Focused training in cybersecurity, infrastructure management, network security, penetration testing, incident response, and digital forensics.
Lycée Al Massar
Foundation in scientific principles, analytical thinking, and problem-solving methodologies.
Ethical Hacker
Cisco
Network Security Associate
OPSWAT Academy
Offensive Security Operations
Cybrary
CCNA: Switching, Routing, and Wireless Essentials
Cisco
CCNA: Introduction to Networks
Cisco
Introduction to Cybersecurity
Cisco
Endpoint Compliance Associate
OPSWAT Academy
Introduction to CIP
OPSWAT Academy
Python Essentials 1
Cisco
Networking Basics
Cisco
Linux Unhatched
Cisco
Computer Hardware Basics
Cisco
Advent of Cyber
TryHackMe
Sharing knowledge and documenting my learning journey through PortSwigger Academy labs and cybersecurity research on Medium.
Deep dive into broken access control vulnerabilities through PortSwigger labs. Exploring vertical and horizontal privilege escalation, insecure direct object references, and access control bypass techniques.
Comprehensive guide to path traversal vulnerabilities and directory traversal attacks. Learning how attackers exploit file system access and defense mechanisms through practical PortSwigger exercises.
Exploring template injection vulnerabilities and their exploitation. Understanding how attackers manipulate template engines to achieve remote code execution through hands-on PortSwigger labs.
Detailed analysis of command injection vulnerabilities. Learning how to identify, exploit, and prevent OS command injection flaws through practical PortSwigger lab scenarios.
Demonstrative DoS testing tool developed using hping3, ping, and network utilities to simulate attack vectors in controlled environments. Built for educational and security research purposes.
Network port scanner tool developed in Python for detecting active ports and services. Designed for security analysis in educational and controlled environments.