About

I hack at Doyensec. Details of professional experience on Linkedin.

Hobby Projects

sourcegraph-scripts (2022)

A set of Python scripts to identify vulnerabilities in GitHub projects using Sourcegraph. The scripts download code files from Sourcegraph results; subsequently, static analysis is applied to identify vulnerabilities en masse. This demonstrates a unique use-case of Sourcegraph for security research.

Tech stack: Python, Bash, Semgrep, Git

dns-exfil (2021)

A Python tool to start a DNS server for exfilitration or ping-back detection. The tool supports hex encoding and outputs JSON, allowing easy parsing with something like jq. The project has been successfully used to detect the Log4Shell vulnerability.

Tech stack: Python, DNS, Git

censorship-detector (2021)

A browser extension (in JavaScript) that identifies website censorship techniques. Although experimental, it can recognize DNS, HTTP, SNI filtering—all from a browser extension. I built the extension to tackle censorship of sites in Lebanon, my home country.

Tech stack: JavaScript, HTML, CSS, npm, Webpack, WebExtensions API, Git

Contributions & Publications

• The Story of the Million Dollar Bounty (2020)
• “CI Knew There Would Be Bugs Here” — Exploring Continuous Integration Services as a Bug Bounty Hunter (2019)
• Employee’s GitHub Token Found In Travis CI Build Logs (2019)
• Security Features of Firefox (2019) Detectify
• Stored XSS-ing Millions Of Sites Through HTML Comment Box (2017) Detectify
• Guest blog: Karim Rahal on a Spotify playlist hack (2016) Detectify

Press Appearances

• ZDNet: CI build logs continue to expose company secrets (2019)
• TheNextWeb: How a popular website plugin became a serious security liability (2017)
• SecurityWeek: Comments Widget Exposed Many Websites to Attacks (2017)
• The Register: Kid hackers break XSS defences, find hack hole in 2 million websites (2017)