Home
Cancel

Who Am I?

Hello reader, My name is Mohammed or as known as Z0ldyck. I am a first-year student at Champlain College majoring in Cyber Security. I started learning about Network and Web Penetration Testing while I am in High School. Before High School, I had some experience with programming and Arduino. I will be sharing here everything that I learned related to Cyber Security. Most of my work will be based on Personal findings, HackTheBox, TryHackMe, Portswigger, and more.

WORK EXPERIENCE:

  • Synack Red Team member
    Penetration Tester at Synack since (Jul,2021)(Part Time)
  • The Leahy Center
    Research Assistant (May,2021 - Jul,2021)(Part Time)

Certifications:

  • Certified Red Team Operator (CRTO)
    zeropointsecurity
  • Offensive Security Certified Professional (OSCP)
    OffensiveSecurity
  • eLearnSecurity Certified Penetration Tester (eCPPTv2)
    eLearnSecurity
  • Web Application Penetration Testing ( eWPT )
    eLearnSecurity
  • eLearnSecurity Junior Penetration Tester (eJPT)
    eLearnSecurity
  • PentesterLab Badges
    Blue - Intercept - Serialize - White - Yellow - Essential - PCAP - Unix



PERSONAL PROJECTS:

  • Zmuggler
    A simple tool for finding HTTP Request Smuggling vulnerability in a website. It works by providing the target URL
  • ZRedirect
    A simple tool for finding open redirect vulnerability in a website. It works by providing a file contains for example wayback urls



CVEs

  • CVE-2021-31760:
    Webmin 1.973 - Exploiting a Cross-site request forgery (CSRF) attack to get a Remote Command Execution (RCE) through the Webmin's running process feature
    CVE-2021-31760
  • CVE-2021-31761:
    Webmin 1.973 - Exploiting a Reflected Cross-Site Scripting (XSS) attack to get a Remote Command Execution (RCE) through the Webmin's running process feature
    CVE-2021-31761
  • CVE-2021-31762:
    Webmin 1.973 - Exploiting a Cross-site request forgery (CSRF) attack to create a privileged user through the Webmin's add users feature then getting a reverse shell through the Webmin's running process feature
    CVE-2021-31762



Achievements

Contact


SlideShow

CRTO
OSCP
eCPPT
eWPT