y
yassine_hilall

Yassine H

@yassine_hilall

Security Analyst

Marruecos
Árabe, Inglés, Francés
Parte de la información aparece en idioma inglés.
Sobre mí
Hi, I’m Yassine, a web security researcher focused on manual testing and real abuse paths, not just automated scans. I review login, session, account, password reset, access control, and payment flows to find logic flaws that scanners often miss. You receive clear evidence, simple impact explanations, and practical fix recommendations. I only perform permission-based, non-destructive testing within the agreed scope. ... Lee más

Habilidades

y
yassine_hilall
Yassine H
desconectado • 

Revisa mis servicios

Soporte técnico
I will find business logic and account flow risks in your web app

Porfolio

Experiencia laboral

Security Researcher (Authentication & Access Control)

Freelance Security Research • Freelance

Jan 2023 - Present3 yrs 6 mos

I specialize in analyzing authentication and authorization logic in modern web applications and SaaS platforms. My work focuses on: - Testing login and logout flows (SSO, OAuth, OIDC) - Identifying logic flaws in authentication and access control - Validating redirect handling and session management - Reviewing identity configurations for security and robustness I perform manual security testing in controlled and isolated environments, focusing on real-world attack scenarios such as authentication bypass, misconfigured redirects, and logic gaps rather than generic automated scans. All testing is conducted responsibly, with clear documentation and actionable security findings.