About
About
I’m Yacine Rahmoun — an offensive security professional specializing in penetration testing, red teaming, and vulnerability research.
With experience spanning web and API security, Active Directory exploitation, mobile application testing, and network penetration testing, I approach engagements with a full-stack attacker’s perspective. I’ve disclosed 200+ valid vulnerabilities across major bug bounty platforms including HackerOne, Bugcrowd, Intigriti, and Yogosha, and I’m a vetted member of the Synack Red Team.
This site is where I publish technical write-ups, research, and insights from the field.
Certifications
Offensive Security
- OSEP — Offensive Security Experienced Penetration Tester
- OSWP — Offensive Security Wireless Professional
HackTheBox
- CPTS — Certified Penetration Testing Specialist
INE / eLearnSecurity
- eWPTX — Web Application Penetration Tester eXtreme
- eCPPT — Certified Professional Penetration Tester
- eMAPT — Mobile Application Penetration Tester
Altered Security
- CRTE — Certified Red Team Expert
The SecOps Group
- CAPenX — Certified Application Penetration Tester Expert
- CAPen — Certified Application Penetration Tester
- CMPen-Android — Certified Mobile Penetration Tester (Android)
- C-APIPen — Certified API Penetration Tester
Pro Labs
Completed all six HackTheBox Pro Labs, enterprise-scale environments simulating real-world Active Directory networks, cloud infrastructure, and advanced adversary operations.
- APTLabs — Advanced Persistent Threat simulation
- Hades — Advanced evasion and red team techniques
- RastaLabs — Red team operator simulation
- Zephyr — Active Directory and cloud attack chains
- Dante — Full network penetration testing
- P.O.O — Active Directory exploitation
Contact
Available for penetration testing engagements, security research collaborations, and responsible disclosure coordination.