y
yassine_hilall

Yassine H

@yassine_hilall

Security Analyst

Marokko
Arabisch, Englisch, Französisch
Einige Informationen werden in englischer Sprache angezeigt.
Über mich
Hi, I’m Yassine, a web security researcher focused on manual testing and real abuse paths, not just automated scans. I review login, session, account, password reset, access control, and payment flows to find logic flaws that scanners often miss. You receive clear evidence, simple impact explanations, and practical fix recommendations. I only perform permission-based, non-destructive testing within the agreed scope. ... Mehr lesen

Kompetenzen

y
yassine_hilall
Yassine H
offline • 

Meine Dienstleistungen

Technischer Support
I will find business logic and account flow risks in your web app

Portfolio

Arbeitserfahrung

Security Researcher (Authentication & Access Control)

Freelance Security Research • Freiberufler

Jan 2023 - Present3 yrs 6 mos

I specialize in analyzing authentication and authorization logic in modern web applications and SaaS platforms. My work focuses on: - Testing login and logout flows (SSO, OAuth, OIDC) - Identifying logic flaws in authentication and access control - Validating redirect handling and session management - Reviewing identity configurations for security and robustness I perform manual security testing in controlled and isolated environments, focusing on real-world attack scenarios such as authentication bypass, misconfigured redirects, and logic gaps rather than generic automated scans. All testing is conducted responsibly, with clear documentation and actionable security findings.