Hacker & Security Analyst at HackerOne

Double master degrees both in corporate finance at ISCAE and management of information systems at IESEG School of management. Passionate and more interested in business and information technology (IT) alignment, and has been particularly involved in the application security industry for over 5  years.

Currently working as a security analyst for HackerOne helping build a better and safe internet as well as connecting hackers and businesses.

Actively participating in bug bounty programs in my spare time and ranking 10th on HackerOne in December 2016. I have been able to help identify security vulnerabilities in a number of high-profile organizations, the likes of Google, Yahoo, Twitter, Facebook, Sony etc. and have received credits for various other security findings across different products and online services.


Sublert: Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Asnlookup: Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

CVE-2018-0296: A tool to test for Cisco ASA path traversal vulnerability (CVE-2018-0296)

Speaker at:

OWASP Seasides

BSides Belfast

Moroccan Cyber Security Camp (MCSC) – ENSIAS

Software Freedom Day – Faculté Ben M’Sik, Casablanca

Featured in:


CNN Arabic


01 Net Magazine (n°881)

France Culture

Security Week