El Mehdi Mrhassel

December 17, 2023

About me

🔍 About Me:
I am a passionate cybersecurity enthusiast with a relentless drive to uncover vulnerabilities in some of the world’s most renowned companies. My journey into the realm of ethical hacking has been marked by countless discoveries and a deep fascination with injection vulnerabilities, particularly SQL Injection (SQLi), Cross-Site Scripting (XSS), and Remote Code Execution (RCE).

🏆 Bounty Bounty Champion:
Over my six years of experience, I’ve had the privilege of securing hundreds of thousands of dollars in bug bounties. My unwavering dedication to the craft has made me a sought-after ethical hacker in the industry, with a track record of consistently finding and responsibly disclosing critical vulnerabilities.

🌐 Impacting Industry Giants:
My contributions have directly influenced the security postures of industry giants such as T-Mobile, Facebook, Amazon, PayPal, Google, Microsoft, Payooner, Starbucks, Swisscom, Stripe, OpenAI, GitLab, Uber, Vimeo, Crypto.com, DigitalOcean and Indeed. By exposing vulnerabilities and collaborating with these organizations, I’ve played a pivotal role in safeguarding user data and fortifying their digital defenses.

💡 Passion for Vulnerabilities:
My love for injection vulnerabilities like SQLi, XSS, and RCE continues to fuel my quest for excellence in the field of cybersecurity. These vulnerabilities represent the ever-evolving challenges that keep me engaged in the dynamic landscape of ethical hacking.

📚 Sharing Insights through My Blog:
I maintain a blog to share my findings with the cybersecurity community.

🌐 Bugcrowd & HackerOne:
You can find my Bugcrowd profile here and my HackerOne profile here. I actively participate in both Bugcrowd and HackerOne programs, collaborating with companies to identify and mitigate security vulnerabilities.

Got it! Here’s the CVE section formatted with emoji and font size similar to the other sections:

🔒 CVEs Discovered:

CVE number: CVE-2024-32472, Affected Software: @excalidraw/excalidraw

CVE number: CVE-2024-11023. Affected Software: @firebase/firebase-js-sdk

🌐 Connect with Me:
Feel free to connect with me to discuss cybersecurity, collaborate on projects, or engage in knowledge sharing.