BEN HAMMOUDA NOUR — Security Engineer

About

Security engineer focused on offensive operations, vulnerability research, and AI security. I work across the full attack chain — from initial recon through exploitation, post-exploitation, and responsible disclosure.

Hands-on experience securing e-commerce platforms against OWASP Top 10 threats, conducting red team engagements to domain admin, and building custom tooling for threat intelligence and C2 infrastructure. Active HackerOne/Bugcrowd researcher with a track record of responsible disclosure to major platforms.

When I'm not breaking things, I'm reverse engineering them — or writing about why they broke, for practitioners, not press releases.

Focus Network Engineering · Offensive Security · AI Sec

Education B.S. Computer Engineering

Competitions IEEEXtreme 18.0 · HTB · TryHackMe

Platforms HackerOne · Bugcrowd · HTB

GitHub github.com/hireblackout

Status ● Open to work

Experience

Open Source Security Contributor

caveman (JuliusBrussee, 74.9k stars) — Independent Security Audit & Upstream Fix · Remote

Discovered a critical integrity vulnerability in caveman's compression-validation pipeline: inline backtick spans silently dropped during compression, enabling undetected data corruption across all compressed outputs — a class-level validation gap with systemic impact.
Architected validate_inline_codes(), a Counter-based diff validator with 11 unit tests, and drove the fix through code review and merge via PR #309, establishing integrity guarantees for the entire compression pipeline.
Identified and fixed is_sensitive_path() false positives blocking documentation files with security-related names (e.g., password_policy.md, secrets_management_guide.md) — introduced a _DOC_EXTENSIONS allowlist with 23 test cases, submitted via PR #308.

OWASP Nettacker

OWASP Foundation — Vulnerability Detection Engineering · Remote

Designed a YAML detection module for CVE-2024-0012 (PAN-OS auth bypass, CVSS 9.3, CISA KEV) — exploits Nginx path confusion by injecting X-PAN-AUTHCHECK: off via /php/ztp_gate.php/.js.map to fingerprint unpatched PAN-OS management interfaces, with multi-condition response matching (HTTP 200 + ZTP title) eliminating false positives against patched and non-target hosts. Submitted via PR #1444 with 5 test scenarios.

E-Commerce Security Specialist

Lumia — Platform Security Hardening · Remote

Summer 2025

Architected defense-in-depth security posture for Lumia's e-commerce platform: OWASP-driven WAF ruleset, enforced TLS 1.3, OAuth 2.0 + JWT auth framework — reducing attack surface ~70% across 50+ remediated findings (SQLi, XSS, privilege escalation).
Performed penetration testing and vulnerability assessments, eliminating high-risk exposure across the platform's application and infrastructure layers.

Cybersecurity Consultant

Contract Security Engagements · Web Application Security (Remote)

2024 — Present

Delivered offensive security across 15+ e-commerce platforms: red team engagements achieving domain admin through multi-stage privilege escalation chains, pre-production vulnerability assessments closing 50+ critical findings (SQLi, XSS, IDOR).
Built client base through delivered results — repeat engagement and referral pipeline sustained independent security practice.

Technical Arsenal

Languages

Python · Bash · C/C++ · JavaScript · TypeScript · Assembly (x86/x64) · SQL · Go · PowerShell

Offensive Security & RE

Metasploit · Burp Suite · Cobalt Strike · BloodHound · Ghidra · IDA Pro · x64dbg · Binary Ninja · Mimikatz · sqlmap

Network & Infrastructure

Nmap · Wireshark · Snort · Docker · Kubernetes · AWS · pfSense · Cisco ASA · MQTT · Aircrack-ng

Application Security

SAST (ESLint, Semgrep) · Snyk · WAF · AES-256-GCM · OAuth 2.0 · JWT · bcryptjs · OWASP ZAP

Threat Intel & AI Security

MITRE ATT&CK · Shodan · YARA · TensorFlow · Google Gemini API · OpenAI API · FastMCP · NVD feeds

Compliance & Frameworks

NIST CSF · GDPR · NDPR · PDPA · POPIA · Incident Response · Responsible Disclosure

Ben HammoudaNour.

Ben Hammouda
Nour.