Hello

I'm Mahmoud Salah

About Me.

I am a highly skilled Penetration Tester specializing in Web Application Security, with a proven track record of identifying and mitigating critical vulnerabilities to ensure the safety and integrity of online systems. My expertise lies in uncovering complex security flaws, simulating real-world attack scenarios, and delivering comprehensive, actionable reports that empower organizations to strengthen their digital defenses.

With extensive experience in ethical hacking and offensive security, I excel in safeguarding web applications by leveraging advanced methodologies, industry standards, and cutting-edge tools. My dedication to cybersecurity is rooted in a passion for protecting businesses from ever-evolving online threats.

Education

  • Bachelor of Computer Science and Artificial Intelligence, Faculty of Computers and Artificial Intelligence, Benha University
  • Expected Graduation: 2027
  • Key Achievements:
    • Completed the GDG Cyber Security BootCamp, gaining hands-on expertise in penetration testing and secure development practices.
    • Graduated from the Cyber Talents Cyber Security BootCamp, specializing in advanced vulnerability assessment and incident response.
    • Certified in CS50x by Harvard University, mastering computer science fundamentals and programming principles.
    • Earned the CCNA certification, demonstrating proficiency in networking concepts and infrastructure security.
    • Engaged in additional certifications and training programs to continuously enhance cybersecurity knowledge and expertise.

Skills

  • Web Penetration Testing & Vulnerability Assessment
    • Proficient in manual and automated security testing techniques, focusing on identifying and exploiting vulnerabilities in web applications, including SQL Injection, XSS, CSRF, SSRF, RCE and insecure authentication mechanisms.
  • Ethical Hacking
    • Expertise in simulating real-world attacks on web applications to evaluate their security posture, test for unauthorized access, and assess the effectiveness of existing defenses.
  • Red Team Operations
    • Skilled in adversarial tactics to emulate sophisticated web-focused threat actors, including API exploitation, session hijacking, and privilege escalation scenarios.
  • Secure Code Review
    • Specialized in identifying security flaws in web application source code, ensuring robust protection against common vulnerabilities like insecure deserialization and business logic flaws.
  • Tool Proficiency
    • Experienced with web-focused tools like Burp Suite Pro, OWASP ZAP, Wireshark, and Nmap, alongside other industry-standard tools like Metasploit and Kali Linux.
  • Exploit Development
    • Creating and customizing web application exploits, including payloads for insecure file uploads, command injections, and directory traversal attacks.
  • Cryptography
    • Deep understanding of encryption techniques for securing web applications, including TLS implementation, token-based authentication, and session management best practices.
  • Programming & Scripting
    • Proficient in Python, JavaScript, C++, C, PHP, and Bash for developing custom scripts, automation tools, and payloads tailored to web application penetration testing.

Certificates.

The CS50x certificate from Harvard University signifies a comprehensive understanding of computer science fundamentals, covering programming, algorithms, data structures, and software engineering principles. It demonstrates my commitment to mastering critical technical concepts, enabling me to approach complex problem-solving with a structured and efficient mindset. Certificate Link.

The Cyber Talents Cyber Security Bootcamp certificate reflects my in-depth training in essential cybersecurity principles, covering a range of core topics such as threats and vulnerabilities, web application security, data encryption techniques, and digital forensics. Spanning three weeks, this bootcamp equipped me with the foundational knowledge necessary to begin a career in cybersecurity. With a focus on practical applications, I gained a comprehensive understanding of security frameworks and methodologies, ensuring readiness to address contemporary cybersecurity challenges across multiple domains. Certificate Link.

The volunteering certificate from CODEAVOUR International for CODEAVOUR 5.0, the largest AI and programming event in Egypt, recognizes my role in organizing this prestigious event, supported by leading organizations such as the Motwani Jadeja Foundation, STEMpedia, Amazon AWS, ARTPARK, and others. As part of the Egyptian League for Robotics & AI and the Mechaverse League, I contributed to the successful coordination of workshops, competitions, and collaborations, showcasing cutting-edge advancements in AI and programming. This experience honed my organizational, teamwork, and leadership skills while strengthening my involvement in the global tech community. CODEAVOUR Link.

The GDG Cybersecurity Bootcamp certificate acknowledges my completion of an extensive training program covering a broad spectrum of cybersecurity domains. Through this bootcamp, I gained valuable hands-on experience in Linux systems, networking, web penetration testing, cryptography, vulnerability assessment, and network defense. The program equipped me with the skills to identify and address a wide range of security threats, enhancing my expertise in both offensive and defensive cybersecurity practices. This certification has further solidified my foundation in the field and my commitment to continuously advancing in cybersecurity. GDG Link.