| 0nlymohammed

centered image

Who Am I?
Hello, the one who read, My name is Mohammed or known as 0nlymohammed. I am a CyberSecurity Specialist. I started learning about Network and Penetration Testing while I am in High School. Before High School, I had some experience with programming and Windows Server. I will be sharing here everything that I achieved in 2021. Most of my work will be based on Personal findings, HackerOne, intigriti, Portswigger, Bugcrowed, Bugv, CTF competitions and more.

WORK EXPERIENCE:

HackerOne
Security Researcher at HackerOne since (Dec,2020)(Part Time)

Saudi Federation for Cybersecurity, Programming and Drones
Security Researcher since (2021) (Part Time)

Bugcrowed
Security Researcher at Bugcrowed since (Aug,2021)(Part Time)

EarthLink
Security Researcher at EarthLink since (Nov,2021)(Part Time)

intigriti
Security Researcher at intigriti since (Aug,2021)(Part Time)

COURSES & CERTIFICATIONS:

NGINX Fundamentals: High Performance Servers

The Nuts and Bolts of OAuth 2.0

AWS certified solutions architect
- IYELLP Test
PERSONAL PROJECTS:
- Firewall for one million arab coders
  firewall using bot API helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection
TECHNICAL SKILLS:
- Performing Dynamic/Static web application penetration testing ( SAST/DAST )
- Experienced with OWASP Web/Api standards and processes for conducting penetration testing
- PYTHON coder and familiar with Ruby,Javascript ,PHP and BASH basics
- Experienced with the Windows/linux Servers, Azure, AWS testing fundamentals
- Fundamentals of :
  -Regular Expressions
  -IOS/Android SSL Pinning and Root detection bypasses
  -BOF
Acknowledgments
- Apple Hall Of Fame:
  Apple web server notifications
- Microsoft Hall Of Fame:
  MSRC Acknowledgements
- Redhat Hall Of Fame:
  Vulnerability Acknowledgements for Red Hat online services
- Careem taxi:
  Careem
- Facebook:
  Facebook thanks
- U.S. Dept Of Defense:
  4th place in DoD
- UN Hall Of Fame:
  UN Information Security Hall of Fame
Competitions:
- first place ( 1st ) iraqi team at ctftime.com All Time
  - Second place ( 2nd ) in CyberTalents Iraqi National CTF 2021 with my team ( Satgate )
    - Top 6 ( 6th ) in CyberTalents Arab and Africa Regional CTF 2021 in Finals with my team ( Satgate ) - 2021
    - Top 15 athack CTF 2021 ( Satgate )
      got qualified for the Finals
      - third place ( 3st ) in Winja CTF | c0c0n 2021 with my team ( Satgate )
        Among ( more than 200 teams )
      Articles
      - FatPipe Networks WARP Verison — Authorization Bypass:
        In This Article, I explain how to attack the FatPipe Networks WARP
        Authorization Bypass
      - nginx merge slashes path traversal:
        Well this is my first article about path traversal
        Common Nginx Misconfigurations
      POCs & Automation
      - Firewall project made with a PHP:
        Firewall
      Accounts
      >
      Images
      
      CyberTalents(2nd)-team
      
      Facebook's HOF
      
      Best Iraqi Hacker at HackerOne quarter 2
      
      Best Iraqi Hacker at HackerOne quarter 3
      
      Best Iraqi Hacker at HackerOne for the quarter 4
      
      Best Iraqi Hacker at HackerOne for 2021
      
      Microsoft Hall of Fame
      
      Redhat HOF
      
      United Nations
      
      2012 rep less than 1 year
      
      4th place at DoD HOF
      
      Apple Hall of fame (soon)
      
      TOP 3 at Winja CTF | c0c0n 2021
      
      Best Iraqi team at 2021
      
      CyberTalents(2nd)-team
      
      </body> </html>

Tags