Aug 12From Revealing Emails to Taking Over Accounts (Hacking Telecom)بِسْمِ اللَّـهِ الرَّحْمَـٰنِ الرَّحِيمِ Hello, My name is Ahmad Halabi. Working at Resecurity — A Cyber Security Intelligence Company protecting Fortune 500 against threats of all types. Part of what we do via our Hunter Unit Operations is investigate and identify new zero days, attacks and techniques that allow threat…Bug Bounty4 min readBug Bounty4 min read
Jul 7, 2022PII Disclosure of Apple Users ($10k)بِسْمِ اللَّـهِ الرَّحْمَـٰنِ الرَّحِيمِ Hello, My name is Ahmad Halabi. I work as a Senior Cyber Security Specialist in UAE. I also do some Bug Bounty Hunting when I have a Free Time. You can check my Biography here: https://ahmadhalabi.net/biography/ . Intro :: After I saw that Apple started paying…Bug Bounty7 min readBug Bounty7 min read
Dec 22, 2021Ultimate Reconnaissance RoadMap for Bug Bounty Hunters & Pentestersبِسْمِ اللَّـهِ الرَّحْمَـٰنِ الرَّحِيمِ Hello, This article is targeting anyone who is a bug bounty hunter and penetration tester. The content of this article is not new, it is indeed available on the internet, but the way of delivering it is different. Who Am I ? My name is Ahmad…Bug Bounty7 min readBug Bounty7 min read
Aug 13, 2021Taking Over Employee Accounts by Managers with Zero Employee InteractionHello, My name is Ahmad Halabi. I used to do bug bounty hunting a lot in the previous months. In this writeup I will discuss a Security Misconfiguration that leads to Business Logic Error and caused Account Takeover. Overview :: In April I was invited to a new private program…Bug Bounty7 min readBug Bounty7 min read
Jun 26, 2021My Experience For 2 Years In Bug Bounty HuntingHello, My name is Ahmad Halabi. I am writing this article as a summary about my experience that was gathered during my Bug Bounty Journey that I started 2 years ago. Before proceeding, I previously wrote an article about How I started in bug bounties and how I achieved some…Bug Bounty6 min readBug Bounty6 min read
Published inInfoSec Write-ups·Apr 24, 2021RCE via Internal Access to Adminer Database Management (Critical)Hello, My name is Ahmad Halabi, I do bug bounty hunting on my free time. I mainly hunt on HackerOne. In this article I am going to share with you how I was able to access internal database management leading to Remote Code Execution. Overview :: While I was hunting…Bug Bounty4 min readBug Bounty4 min read
Mar 7, 2021Finding Hidden Login Endpoint Exposing Secret `Client ID`Hello, My name is Ahmad Halabi, Founder & CTO at Cybit Sec and part time bug bounty hunter on Hackerone. Today I am going to share one of my cool findings about an information disclosure bug in a private program on HackerOne. Turning a Low Severity bug into a High…Bug Bounty4 min readBug Bounty4 min read
Feb 28, 2021Secret Key Exposure in API Config DirectoryHello, My name is Ahmad Halabi, Founder & CTO at Cybit Sec and I am currently a part time bug bounty hunter mostly on Hackerone. At the beginning of this month, I got an invitation to a private program specialized in Big Data and Integration services. …Bug Bounty3 min readBug Bounty3 min read
Nov 29, 2020Chaining Multiple Requests to Achieve Rate Limiting VulnerabilitiesHello, I want to share with you a new methodology about finding rate limit vulnerabilities and even bypassing rate limit protections. For those who don’t know me, my name is Ahmad Halabi and I am a part time bug bounty hunter. Overview :: A lot of programs and companies implement…Bug Bounty Hunting4 min readBug Bounty Hunting4 min read
Published inInfoSec Write-ups·Oct 17, 2020My Bug Bounty Journey & Ranking 1st in U.S. DoD & Achieving top 100 hackers in 1 yearMy Bug Bounty Journey & Ranking 1st in U.S. DoD & Achieving top 100 hackers in 1 year Hello, My name is Ahmad Halabi. A lot of people are asking me how I reached top 100 hackers scoring over 8k reputation on hackerone in a very short time (1 year…Bug Bounty10 min readBug Bounty10 min read
