@qusaialhaddad Profile picture

Qusai Alhaddad

@qusaialhaddad

0day guy | Red/Blue Teamer | Pentester | Bug Hunter | I am not a #Hacker, I am a #Security Killer

Similar User
0xRAYAN photo

@0xRAYAN7

XSS Payloads photo

@XssPayloads

Lu3ky13 ⚡️⚡️ photo

@lu3ky13

Deepak bug_vs_me photo

@bug_vs_me

Anton photo

@therceman

Nihad photo

@nihad_rekany

🇸🇦 ROOD | GOAT photo

@0x_rood

Shakti Ranjan Mohanty || 🇮🇳 || photo

@3ncryptSaan

Ali Hadi | B!n@ry photo

@binaryz0ne

Geekboy photo

@emgeekboy

Abdulrahman Makki | عبدالرحمن مكي photo

@AMakki1337

InfoSec Community photo

@InfoSecComm

Akita ZeN 🇦🇷 photo

@akita_zen

Hossam A. Mesbah 🇵🇸 photo

@m359ah

Md Ismail Šojal photo

@0x0SojalSec

Add this to your LFI payload /home/000~ROOT~000/etc/passwd


Finally after all negotiations with Zabbix team I'm thrilled to share that they have assigned me a CVE-2024-22116, the severity of this CVE was Critical 9.9 with CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H lnkd.in/duem99kY

Tweet Image 1

#Microsoft has launched ICSpector, a new open-source tool designed to enhance security in ICS. This tool improves threat detection and analysis for PLCs used in critical infrastructure, addressing cyber threats from nation-states. lnkd.in/dJRj73Np


Local privilege escalation PoC exploit for CVE-2024-1086, working on most #Linux kernels between v5.14 and v6.6, including #Debian, #Ubuntu. Patch your system !


Anyone knows a contact person in Saudi Bug Bounty Platform ? #SaudiArabia


I'm thrilled to announce that I've reported a significant security vulnerability within Apple's iCloud product! After meticulous enumeration and testing, I stumbled upon an issue that could potentially compromise user data and privacy within iCloud.

Tweet Image 1

Here is how Zero Trust model operate !


While rummaging through my files, I stumbled upon a note from 2009 regarding websites susceptible to SQL Injection that I had successfully breached. Within this document, I identified 2853 websites that vulnerable to SQL Injection and various ways to bypass WAFs.

Tweet Image 1

My goals for this year weren't primarily centered around #Microsoft products, but I did discover and report some vulnerabilities, which earned me a spot on their 2023 Yearly Leader Board.

Tweet Image 1

If you wish to prevent your command from appearing in your command history, simply include a space before entering your command. Give it a try!

Tweet Image 1

"Those who fail to plan for a security incident are planning for failure." [Kevin Mitnick - The Art Of Deception]


Alhamdulla, Listed as #Microsoft Most Valuable #Security Researcher . Just Focus and you will reach what you planned for !

Tweet Image 1

I am thrilled to announce that I have been listed on the Honeywell Security Hall of Fame for my efforts in identifying and reporting multiple security issues in Honeywell Systems. Thanks @honeywell lnkd.in/d2m_qvEE

Tweet Image 1

After investing countless days into obtaining an RCE (Remote Code Execution), only to receive a brief response at the end stating "Out Of Scope," I have encountered situations where they promptly address the issue without expressing gratitude.

Tweet Image 1

Practice Red Teaming , here good Labs to try vulnlab.com/main/red-team-…


Guess The Password !


I was expecting it to be disqualified, but I loved their reply regarding Bard. I was able to pivot to another Bard Cluster Node, but I was not sure about it as it keeps changing the IP.

Tweet Image 1

Loading...

Something went wrong.


Something went wrong.