~/hassan/portfolio

$ whoami

HASSAN

Security Researcher & Penetration Tester

Black Hat Speaker | CVE Discoverer | Bug Bounty Hunter

// About Me

cat about.txt

Professional penetration tester and security researcher with a passion for finding vulnerabilities that others miss. Speaker at Black Hat conferences with multiple critical findings. Specializing in web application security, API testing, and vulnerability research.

// Critical Findings

ls -la ./vulnerabilities

File Upload → RCE | Critical

Unrestricted File Upload to RCE

Exploited insecure file upload functionality to achieve remote code execution on the target server.

LDAP Injection | Critical

LDAP Injection to Account Takeover

Leveraged LDAP injection vulnerability to bypass authentication and gain full account takeover.

SQL Injection | High

Blind Boolean-Based SQLi

Discovered blind SQL injection allowing extraction of sensitive database contents through boolean-based techniques.

GraphQL | Critical

GraphQL Missing Signature to ATO

Exploited unsigned GraphQL requests to manipulate user sessions and achieve full account takeover.

// Trusted By

cat clients.log

I have worked with leading Government and Semi-Government organizations in the Kingdom of Saudi Arabia, conducting security assessments, penetration testing, and vulnerability research for critical infrastructure and national systems.

// Contact

./contact --init

Let's Work Together

Available for penetration testing engagements and security research projects.
