Available for work · Riyadh, Saudi Arabia

Abdulaziz Alasaiqah

Penetration Tester & Bug Bounty Hunter

I focus on web application security and vulnerability research — finding and responsibly disclosing real-world flaws, with published CVEs to credit. Certified eJPTv2 & eCPPTv3, and expanding into low-level exploitation.

Get in touch LinkedIn GitHub

About

I'm a dedicated Penetration Tester with a strong focus on web application security and bug bounty hunting. I hold the eJPTv2 and eCPPTv3 certifications, with hands-on experience in real-world vulnerability discovery and responsible disclosure.

I actively participate in bug bounty programs — including BugBounty.sa, where I've earned 1,500 points across 132 reports — and placed 3rd in the Bug Bounty Junior Competition at Black Hat MEA 2025. I'm currently expanding into low-level security: studying C/C++ and specializing in reverse engineering and binary exploitation.

Role
Penetration Tester · Bug Bounty Hunter
Location
Riyadh, Saudi Arabia
Focus
Web & Low-Level Exploitation
Also
Full-Stack Developer

Research & Achievements

  • CVE-2026-6765 — Firefox Form Autofill

    Reported to Mozilla; fixed in Firefox 150 & ESR 140.10. Awarded a 3,750 SAR bounty.

    CVE

  • CVE-2026-39154 — Stored XSS in CometChat

    Discovered and responsibly disclosed a Stored XSS in the CometChat platform; officially credited.

    CVE

  • Black Hat MEA 2025 — Bug Bounty Junior

    3rd place in the Junior Competition at one of the region's largest cybersecurity events.

    3rd place

  • Defenseathon (#GADD) — Project Sate'

    2nd place in the Defenseathon challenge.

    2nd place

  • BugBounty Joiner Competition

    3rd place finish.

    3rd place

  • BugBounty.sa

    Active researcher on Saudi Arabia's national bug bounty platform — 132 reports submitted across 1,500 points.

    1,500 pts

Certifications

eJPTv2

eLearnSecurity Junior Penetration Tester — hands-on penetration testing methodology.

eCPPTv3

eLearnSecurity Certified Professional Penetration Tester — advanced web, network & post-exploitation.

Skills

Offensive Security

Web Application Pentesting · Bug Bounty Hunting · Vulnerability Research · Responsible Disclosure · XSS, Injection & Logic Flaws

Low-Level & Reverse Engineering

Binary Exploitation · Reverse Engineering · C / C++ · Windows Internals · Shellcode & Payloads

Development

Full-Stack Development · JavaScript · Python Scripting · Tooling & Automation

Projects

VirtualAlloc-shellcode

Executing shellcode using VirtualAlloc on Windows.

C

wnet

A small Windows payload fetcher.

C

Keylogger

Keystroke capture proof-of-concept.

C++

MBR

MBR-Overwrite experiment.

C#

Age2Time

Calculates days & hours lived from your age.

C++

ASCII

An ASCII printer utility.

C++
View all repositories on GitHub →

Contact

Let's work together.

Open to penetration testing engagements, security research, and full-time roles.

Emailabdulazizalasaiqah@gmail.com Phone+966 53 010 1662 LinkedIn/in/abdulaziz-alasaiqah GitHub@defineid