I’m Youssef, a Software Engineering student at McMaster and a bug bounty hunter on HackerOne since 2021. I started this blog to document my security research — both as a reference for myself and to share methodology with the community.
What I’ll Be Posting
- Bug bounty writeups after disclosure is approved
- Methodology breakdowns — how I approach recon, manual testing, and chaining vulnerabilities
- CTF solutions from TryHackMe and other platforms
- Android security research as I expand deeper into mobile
Why Write It Up?
Writing forces you to understand what you actually did vs. what you think you did. Half the time I’m drafting a writeup, I realize there’s a cleaner exploitation path I missed, or that my initial assumptions about impact were wrong.
It also builds a public track record. A portfolio of well-documented findings says more than a resume bullet point ever could.
More posts coming soon. Stay tuned.