Penetration Tester - Security Researcher
✉️ [email protected] — 🌐 LinkedIn — 📍October 6 City, Giza, Egypt
Recent Computer Science graduate and Junior Penetration Tester with a profound passion for cybersecurity. Specializing in web, network, and mobile application pentesting, I am dedicated to identifying vulnerabilities and fortifying digital security. Actively engaged in Capture The Flag (CTF) competitions and hands-on security assessments, I am committed to continuous learning and professional development. My goal is to leverage my skills to contribute to a safer digital environment.
Bachelor of Science in Computer Science October 6 University | October 2020 - Jun 2024
Graduation Project : WiFi Based-Drones Pentesting Framework
Relevant Coursework:
Computer Security
Computer Networks
Data Structures and Algorithms
Cryptography
Web Development
Object-Oriented Programming
Web Applications Pentesting
- Deep knowledge of web security (OWASP Top 10), including SQL Injection, XSS, and CSRF.
- Expert in Burp Suite, OWASP ZAP, and manual testing for comprehensive assessments.
Network Pentesting
- Skilled in identifying vulnerabilities in network devices and configurations.
- Proficient with Nmap, Wireshark, and Metasploit for advanced network security analysis.
Active Directory Pentesting
- Experienced in assessing and exploiting Active Directory vulnerabilities.
- Skilled in Kerberoasting, Pass-the-Hash, and using tools like BloodHound and Mimikatz.
Mobile Applications Pentesting
- Specialized in securing mobile apps with reverse engineering and dynamic analysis.
- Proficient with APKTool, JADX, and Frida for in-depth mobile security assessments.
Programming
- Strong skills in C/C++, Python, Bash, and JavaScript.
- Capable of developing custom scripts for automation and secure application development.
Personal Knowledge Repository
- Overview: As a cybersecurity enthusiast, I developed the “Red Team Second Brain,” a comprehensive repository where I organize and curate my cybersecurity notes, insights, and research findings. This project serves as my go-to resource for quick reference, problem-solving, and continuous learning.
- Key Components:
- Structured Knowledge Base: I’ve organized information on penetration testing, network security, web applications, mobile pentesting, and Active Directory pentesting. Topics are well-tagged and cross-referenced for easy access.
- Custom Tools and Scripts: I’ve built custom scripts and tools to automate repetitive tasks, conduct vulnerability assessments, and simulate attacks. These tools enhance my efficiency during red team engagements.
- Collaboration and Sharing: I actively contribute to the cybersecurity community by sharing my findings, write-ups, and solutions. Collaborating with other professionals enriches my knowledge.
- Impact: This project highlights my continuous learning and proficiency in the latest cybersecurity techniques, contributing valuable insights to the cybersecurity community.
- PWK (OSCP)
- HackTheBox Academy: 🔗 Bug Hunter Path
- HackTheBox Academy: 🔗 Penetration Tester Path
- 🔗 Android App Hacking Black Belt Edition
- TryHackMe
At October 6 University’s IEEE branch, I led the Cyber Security Group, where I organized workshops and facilitated discussions to enhance students' understanding of cybersecurity principles. I provided mentorship and support, driving skill development and knowledge sharing within the IEEE community, and cultivated a culture of exploration and innovation in cybersecurity.
▪️ Github Profile – Projects and tools for pentesting and cybersecurity.
▪️ My Blog – Write-ups and tutorials on web challenges.
▪️ HackTheBox Profile – Solved over 150 challenges and Machine.
▪️ TryHackMe Profile – 367 rooms completed, various cybersecurity topics.
▪️ Intigriti Profile – Bug bounty submissions and acknowledged vulnerabilities.
