NADER ALHARBI

I'm Penetration Tester

About me Get In Touch

Summary

Cybersecurity enthusiast with a strong interest in penetration testing, red teaming, and ethical hacking. Skilled in identifying and exploiting security vulnerabilities to help strengthen systems and networks. Actively pursuing advanced knowledge about new exploitation techniques. A team player with a proactive approach to learning and problem-solving, aiming to contribute effectively to the field of cybersecurity while continuously honing technical expertise.

Profile Image

Education

Bachelor degree in Cybersecurity

University of Jeddah

2021 - Present

Certifications

Professional certifications that enhance my expertise and validate my skills in various domains.
Under each Certificate you can find key topics and skills gained by the Certificate.

Certification 1

Certified Red Team Professional (CRTP)

Issued by Altered Security

Key Topics and skills

- Active Directory (AD) Enumeration
- AD attacks
- ACLs Abuse
- AD Presistance
- Child to parent domain escalation
- Trust Attacks
- Forest privilege escalation

Certification 2

Web Application Penetration Tester eXtreme (eWPTX)

Issued by INE

Key Topics and skills

- Web Application Penetration Testing Methodology
- Web Application Reconnaissance
- Authentication Attacks
- Advanced Injection Vulnerabilities
- API Penetration Testing
- Server-Side Attacks
- Filter Evasion & WAF Bypass

Certification 3

Certified Professional Penetration Tester (eCPPT)

Issued by INE

Key Topics and skills

- Client-Side Attacks
- Web Application Penetration Testing
- Network Penetration Testing
- Exploit Development
- Post-Exploitation
- Red Teaming and Active Directory Penetration Testin

Certification 4

Certified Threat Hunting Professional (eCTHP)

Issued by INE

Key Topics and skills

- Threat hunting methodology
- Threat hunting using Splunk
- Threat hunting using ELK
- Memory-based threat hunting

Certification 5

Junior Penetration Tester (eJPT)

Issued by INE

Key Topics and skills

- Assessment Methodologies
- Host & Networking Auditing
- Host & Network Penetration Testing
- Web Application Penetration Testing

Courses & Bootcamps

Continuous learning is key to staying ahead in the fast-evolving cyber landscape. Here are some of the courses and bootcamps I've completed to enhance my skills.

Augest 2023

TryHackMe

Top 1% of overall users

TryHackMe is a Cybersecurity Learning platform Where I completed over 100+ rooms ranging from cybersecurity basics to Penetration testing and red teaming

December 2023

Cybersecurity Bootcamp

NCA & KAUST

One of the amazing bootcamps that I attended Where I advanced through 3 stages hardening my knowledge in the Cybersecurity field

March 2024

Threat hunting Bootcamp

CyberHub

This Bootcamp covered the eCTHP certificate. I was one of the top students and I was awarded a voucher for the eCTHP Certificate

April 2024

Web Application Penetration Testing Bootcamp

CyberHub

This Bootcamp mainly focused on the eWPT & eWPTX certificate. Really enhanced my skills in Web Application Penetration testing.

May 2024

Web Application Penetration Tester (eWPT)

INE

Even though I did not take the eWPT certifications I finished the course where I learned The basics of Web Pentesting

July 2024

NCA & SITE

Cybersecurity Bootcamp

Fruitful bootcamp where it went over certifications like the Network+, Security+ and real life simulations for SOC analysis And Penetration Testing Engagement. Ended with Practical exam preforming the skills we obtained

Augest 2024

Active Directory Penetration Testing Bootcamp

CyberHub

This Bootcamp focused on Active Directory Pen testing life cycle. including these topics (Active Directory Foundations, Breaching Active Directory, Enumerating, Attacks, Lateral Movement, Persistence)

October 2024

Mobile Application Penetration Testing Bootcamp

CyberHub

This Bootcamp initially was about the eMAPT Certificate. But, It went above and beyond the Certificate topics. Covering Advanced topics like (Frida, Binary patching techniques, bypassing certificate pinning, root and virtual machine checks, Frameworks like Flutter, Xamarin Forms, and React Native)

Projects

Here are some of the projects I've worked on that showcase my skills and expertise. Click project to see demo video.

Google Chrome Password Stealer

Google Chrome Password Stealer

This malware decrypts and steals passwords stored in Google Chrome, sending them to the attacker’s Command and Control (C2) server without detection from Windows Defender on Windows 10.

Python Stealer Evasion
Subnet Scanner

Subnet Scanner

This Python program identifies live hosts on a subnet, useful for penetration testers to locate active hosts.

Python Enumeration

Connect

Feel free to reach out if you're interested in working together or have any questions.