About

About

About

I’m Yacine Rahmoun — an offensive security professional specializing in penetration testing, red teaming, and vulnerability research.

With experience spanning web and API security, Active Directory exploitation, mobile application testing, and network penetration testing, I approach engagements with a full-stack attacker’s perspective. I’ve disclosed 200+ valid vulnerabilities across major bug bounty platforms including HackerOne, Bugcrowd, Intigriti, and Yogosha, and I’m a vetted member of the Synack Red Team.

This site is where I publish technical write-ups, research, and insights from the field.


Certifications

Offensive Security

  • OSEP — Offensive Security Experienced Penetration Tester
  • OSWP — Offensive Security Wireless Professional

HackTheBox

  • CPTS — Certified Penetration Testing Specialist

INE / eLearnSecurity

  • eWPTX — Web Application Penetration Tester eXtreme
  • eCPPT — Certified Professional Penetration Tester
  • eMAPT — Mobile Application Penetration Tester

Altered Security

  • CRTE — Certified Red Team Expert

The SecOps Group

  • CAPenX — Certified Application Penetration Tester Expert
  • CAPen — Certified Application Penetration Tester
  • CMPen-Android — Certified Mobile Penetration Tester (Android)
  • C-APIPen — Certified API Penetration Tester

Pro Labs

Completed all six HackTheBox Pro Labs, enterprise-scale environments simulating real-world Active Directory networks, cloud infrastructure, and advanced adversary operations.

  • APTLabs — Advanced Persistent Threat simulation
  • Hades — Advanced evasion and red team techniques
  • RastaLabs — Red team operator simulation
  • Zephyr — Active Directory and cloud attack chains
  • Dante — Full network penetration testing
  • P.O.O — Active Directory exploitation

Contact

Available for penetration testing engagements, security research collaborations, and responsible disclosure coordination.

yacine@bypassd.cc