Ahmad Halabi – Medium

Jul 7

PII Disclosure of Apple Users ($10k)

بِسْمِ اللَّـهِ الرَّحْمَـٰنِ الرَّحِيمِ Hello, My name is Ahmad Halabi. I work as a Senior Cyber Security Specialist in UAE. I also do some Bug Bounty Hunting when I have a Free Time. You can check my Biography here: https://ahmadhalabi.net/biography/ . Intro :: After I saw that Apple started paying…

Bug Bounty

7 min read

Dec 22, 2021

Ultimate Reconnaissance RoadMap for Bug Bounty Hunters & Pentesters

بِسْمِ اللَّـهِ الرَّحْمَـٰنِ الرَّحِيمِ Hello, This article is targeting anyone who is a bug bounty hunter and penetration tester. The content of this article is not new, it is indeed available on the internet, but the way of delivering it is different. Who Am I ? My name is Ahmad…

Bug Bounty

7 min read

Aug 13, 2021

Taking Over Employee Accounts by Managers with Zero Employee Interaction

Hello, My name is Ahmad Halabi. I used to do bug bounty hunting a lot in the previous months. In this writeup I will discuss a Security Misconfiguration that leads to Business Logic Error and caused Account Takeover. Overview :: In April I was invited to a new private program…

Bug Bounty

7 min read

Taking Over Employee Accounts by Managers with Zero Employee Interaction

Jun 26, 2021

My Experience For 2 Years In Bug Bounty Hunting

Hello, My name is Ahmad Halabi. I am writing this article as a summary about my experience that was gathered during my Bug Bounty Journey that I started 2 years ago. Before proceeding, I previously wrote an article about How I started in bug bounties and how I achieved some…

Bug Bounty

6 min read

Published in InfoSec Write-ups

·Apr 24, 2021

RCE via Internal Access to Adminer Database Management (Critical)

Hello, My name is Ahmad Halabi, I do bug bounty hunting on my free time. I mainly hunt on HackerOne. In this article I am going to share with you how I was able to access internal database management leading to Remote Code Execution. Overview :: While I was hunting…

Bug Bounty

4 min read

RCE via Internal Access to Adminer Database Management (Critical)

Mar 7, 2021

Finding Hidden Login Endpoint Exposing Secret `Client ID`

Hello, My name is Ahmad Halabi, Founder & CTO at Cybit Sec and part time bug bounty hunter on Hackerone. Today I am going to share one of my cool findings about an information disclosure bug in a private program on HackerOne. Turning a Low Severity bug into a High…

Bug Bounty

4 min read

Finding Hidden Login Endpoint Exposing Secret `Client ID`

Feb 28, 2021

Secret Key Exposure in API Config Directory

Hello, My name is Ahmad Halabi, Founder & CTO at Cybit Sec and I am currently a part time bug bounty hunter mostly on Hackerone. At the beginning of this month, I got an invitation to a private program specialized in Big Data and Integration services. The scope was limited…

Bug Bounty

3 min read

Secret Key Exposure in API Config Directory

Nov 29, 2020

Chaining Multiple Requests to Achieve Rate Limiting Vulnerabilities

Hello, I want to share with you a new methodology about finding rate limit vulnerabilities and even bypassing rate limit protections. For those who don’t know me, my name is Ahmad Halabi and I am a part time bug bounty hunter. Overview :: A lot of programs and companies implement…

Bug Bounty Hunting

4 min read

Chaining Multiple Requests to Achieve Rate Limiting Vulnerabilities

Published in InfoSec Write-ups

·Oct 17, 2020

My Bug Bounty Journey & Ranking 1st in U.S. DoD & Achieving top 100 hackers in 1 year

My Bug Bounty Journey & Ranking 1st in U.S. DoD & Achieving top 100 hackers in 1 year Hello, My name is Ahmad Halabi. A lot of people are asking me how I reached top 100 hackers scoring over 8k reputation on hackerone in a very short time (1 year…

Bug Bounty

10 min read