Whoami
~/bio
Security researcher. Builder.
Relentlessly curious.
I operate at the intersection of offensive security research and software engineering — breaking systems to understand how they work, then documenting it for others. My core focus areas are exploit development, reverse engineering, and Bug Bounty hunting. I treat every target as a puzzle — methodical enumeration, patient analysis, precise exploitation.
Active Research
IEEE TargetedCurrently authoring a research paper exploring C2-over-DNS architectures. The project implements a novel steganography algorithm to evade Next-Generation Firewalls (NGFWs) and AI-based network detectors, demonstrating how high-throughput covert channels bypass advanced defensive layers.
Key Vectors & Discoveries
Critical SQL Injection — Financial Sector
Discovered, reported, and awarded bounty for a blind SQLi vulnerability in a banking web application.
Multiple CVE-level Disclosures
Responsible disclosure of vulnerabilities to international vendors (Jan 2024 - Present).
WebSocket Hijacking PoC
Developing a comprehensive proof-of-concept for a reported realtime communications flaw.
Leadership
Student CTF Team
Founder & Former Lead
Established the University of Jordan's first competitive security team.
Where I'm Headed
My long-term ambition is to become a recognized scientific researcher in cybersecurity and deliver a groundbreaking contribution to the field — a quantum leap that redefines what's possible. Every vulnerability I find, every tool I build, and every paper I write is a step toward that goal. I don't do this for credentials. I do it because the work itself demands to be done.