Skip to content

falcon0x1/Falcon0x1

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

8 Commits
README.md
README.md
Β 
Β 

Repository files navigation

πŸ›‘οΈ Hi, I'm Mahmoud β€” aka falcon0x1

Security Engineer specializing in Web, API, Mobile (Android), and Active Directory security.
I break systems (ethically), build reconnaissance tools, and document real-world attack techniques.

Status Focus eWAPT Location

π“…‚ About Me

  • π“…‡ B.Sc. in Systems & Computer Engineering from Al-Azhar University (2024)
  • 𖀍 Certified: eWAPT (INE), CyberTalents Web/Mobile/AD Pentester, APIsec University
  • 𓆲 ITI Graduate: Completed intensive 4-month Offensive Security & Penetration Testing program (2025)
  • π“…ˆ Focused on OWASP Top 10, API business logic flaws, Android static/dynamic analysis, and AD attack chains
  • π“…“ Building automation tools for reconnaissance and attack surface mapping
  • π“…‰ Documenting security research, CTF writeups, and exploitation techniques
  • π“…† Based in Cairo, Egypt

π“…“ Tech Stack & Tools

Security Tools

Burp Suite Metasploit Wireshark Nmap OWASP Postman Frida

Development & Scripting

Python Bash Script C++ JavaScript Java

Systems & DevOps

Linux Kali Docker Git GitHub

πŸ¦β€πŸ”₯ What I'm Currently Working On

  • π“…ˆ Web & API Pentesting: Manual exploitation, authentication bypass, JWT manipulation, business logic vulnerabilities
  • 𓆲 Android Security: Static/dynamic analysis using Frida, JADX, MobSF, and objection
  • 𖀍 Active Directory Attacks: Lateral movement, privilege escalation, Kerberos exploitation
  • π“…“ FalconRecon – Bash-based reconnaissance automation framework for attack surface enumeration β†’ View Project
  • π“…‰ FalconServiceAnalyzer – Android service attack surface analyzer with automated command generation
  • π“…‚ Daily Security Notes β†’ TIL Documentation

π“…‰ Security Research & Writeups

  • π“…“ Technical articles on web, API, and mobile exploitation
  • π“…ˆ CTF walkthroughs from PortSwigger Academy, TryHackMe, HackTheBox, CyberTalents
  • 𓆲 Real-world attack vectors and remediation guidance
  • π“…‚ Read my writeups on Medium

𖀍 Certifications

  • eWAPT β€” eLearnSecurity Web Application Penetration Tester (INE)
  • Certified Web Application Penetration Tester β€” CyberTalents / ITI
  • Certified Mobile Penetration Tester β€” CyberTalents / ITI
  • Certified Active Directory Penetration Tester β€” CyberTalents / ITI
  • API Penetration Testing β€” APIsec University

π“…† Connect With Me

LinkedIn Medium X Email Portfolio

π“…“ GitHub Stats

Stats

Langs

Streak

π“…ƒ Always learning, always improving | Building tools, breaking systems, documenting everything

Profile Views

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors