Hazem B.

- Pentests of Web and Mobile applications

- Vulnerability assessment and recommendations

- Network, cloud, mobile, social engineering, etc. pentesting.

- Writing audit reports

- Presenting audits during restitution meetings

- Pentest: Web application audits (OWASP), AD/infra tests, exploit writing (XSS, IDOR, SSRF, RCE), Burp plugins and automation scripts (Python/Bash), source code and configuration audit.

Pentests of Websites, AI, and mobile applications.

Mission management: planning from A to Z (kick-off, scope definition, milestones, SLA), leading meetings, preparing materials, follow-up until final delivery.

- Fuzzing & Reverse: design of targeted fuzzers (image/stream analyzers), crash analysis (ASAN/UBSAN), DLL/binary reverse engineering (Ghidra, WinDbg) and development of non-destructive PoCs.

- Achievements: - Compromise of an Active Directory with ~50k users (controlled environment); mapping, privesc, and pivot. - Bypass of business logic / filtering rules (WAF/ACL) demonstrating business impact.

- Vulnerability assessment and recommendations.

- Network, cloud, mobile, social engineering, etc. pentesting.

- Define security rules

- SOC Analyst

- Penetration testing - Pentester

- Fix and patch vulnerabilities

- Define security policy

- Incident management

- Collaborating with Knowsec, a penetration testing and vulnerability assessment company and a leading secure development company, as an independent penetration tester.

- Conducting comprehensive penetration tests on websites and mobile applications developed by Knowsec for clients, ensuring the implementation of robust security measures.

- Working closely with a highly skilled and globally recognized penetration testing team at Knowsec to identify vulnerabilities and mitigate potential threats.

- Specializing in various penetration testing techniques, including network infrastructure testing, agile penetration testing, cloud penetration testing, wireless penetration testing, social engineering, and mobile penetration testing.

- Contributing to enhancing clients' overall digital asset security by providing detailed vulnerability assessment or penetration testing reports and recommending effective solutions.

- Playing a crucial role in strengthening clients' cybersecurity defenses by uncovering vulnerabilities before they can be exploited by malicious actors.

- Providing valuable insights and recommendations to clients through cybersecurity advisory services offered in collaboration with Knowsec, helping them navigate the complex cybersecurity landscape.

- Professionalism, expertise, and commitment to excellence in every project, aligning with Knowsec's mission to deliver secure and customized digital solutions to clients worldwide.