Vulnerability Discovery · Penetration Testing · Responsible Disclosure
This repository documents my journey in cybersecurity research, ethical hacking, and bug bounty hunting. It contains research notes, methodologies, and responsible disclosures.
Vulnerability Discovered & Responsibly Disclosed
Successfully identified and reported a security vulnerability in the systems of Delft University of Technology (TU Delft), one of Europe's leading technical universities. The finding was validated and my name was added to their Hall of Fame for responsible disclosure.
- Subdomain enumeration
- Technology stack fingerprinting
- Endpoint discovery and mapping
- Open-source intelligence (OSINT)
- OWASP Top 10 testing
- Authentication & authorization testing
- API security assessment
- Input validation analysis
- Business logic flaw detection
Kali Linux • Burp Suite • Nmap • Wireshark
Metasploit • SQLMap • DirBuster • recon-ng
Attended Black Hat Middle East & Africa, the region's premier cybersecurity conference. Gained exposure to cutting-edge security research, attended workshops by industry leaders, and networked with global security professionals.
┌─────────────────────────────────────────┐
│ │
│ BREAK → UNDERSTAND → REPORT │
│ │
│ Find what's broken. Understand why. │
│ Help fix it responsibly. │
│ │
└─────────────────────────────────────────┘
I believe in responsible disclosure — vulnerabilities are reported directly to affected organizations with full context and remediation guidance before any public discussion.
| Provider | Course |
|---|---|
| Tuwaiq Academy (Sattra) | Introduction to Cybersecurity |
| Tuwaiq Academy (Sattra) | Kali Linux Fundamentals |
| Tuwaiq Academy (Sattra) | Linux 101 |
| Self-Directed | OWASP Web Security Testing Guide |
For security research collaboration or responsible disclosure coordination:
- Email: abdullah.khaled.alhrbi@gmail.com
- GitHub: Saudi-hacker
"Security is not a product, but a process." — Bruce Schneier