MARWAN KHODAIR

[ Cybersecurity Professional & Bug Bounty Hunter ]

Ethical Hacker | Penetration Tester | Red Teamer

>_ Contact Me >_ View Projects

> ABOUT_ME

root@0xMarvul:~$ cat about.txt

A junior cybersecurity professional currently studying at the Egyptian E-Learning University (EELU), with a strong passion for ethical hacking, red teaming, and penetration testing.

I specialize in simulating real-world attacks to identify and mitigate security vulnerabilities. My goal is to develop robust offensive security skills, conduct in-depth security assessments, and help organizations improve their defensive posture.

[ Education ]
πŸ“š Bachelor's in Computers and Information Technology
🏫 Egyptian E-Learning University (EELU)
πŸ“… 2022 - 2026

> BUG_BOUNTY_STATS

⏱️
Calculating...
Hunting Duration
Since Aug 1, 2025
βœ…
3
Accepted
Valid Vulnerabilities
πŸ”„
1
Duplicates
Already Reported

Areas of Expertise

🌐 Web Security
πŸ“± Android Security
πŸ”— Network Pentesting
🏒 Active Directory (Basics)

> EXPERIENCE

WE INNOVATE x ZeroSploit MEA Internship

July 2025 – Sep 2025

  • β–Ή Performed hands-on web application penetration testing, identifying and exploiting vulnerabilities including XSS, SQLi, SSRF, IDOR, LFI/RFI, and JWT flaws
  • β–Ή Conducted mobile penetration testing for Android apps using APK reverse engineering, component exploitation, SSL pinning bypass, and insecure data storage analysis
  • β–Ή Executed network pentesting using tools like Metasploit for scanning, exploitation, and privilege escalation
  • β–Ή Practiced Active Directory security techniques including enumeration, Kerberos ticket abuse, and NTLM attacks
  • β–Ή Explored advanced concepts in OS vulnerabilities, binary exploitation, and wireless network attacks

> PROJECTS

Bug Bounty Methodology Project

June 2025

Developed a structured web-based bug bounty methodology covering the full engagement lifecycleβ€”from recon to exploitation and reporting.

  • β–Ή Mapped OWASP Top 10 and API Top 10 vulnerabilities to hands-on testing steps
  • β–Ή Integrated popular tools: Burp Suite, Nmap, Subfinder, Amass, Gobuster, Nuclei
  • β–Ή Focused on high-impact issues: IDOR, SSRF, business logic vulnerabilities, and authentication flaws
  • β–Ή Included ethical guidelines, reporting templates, and clear usage instructions
>_ View Project

> SKILLS

πŸ’» Programming Languages

Python C++ HTML CSS

πŸ”§ Pentesting Tools

Burp Suite Nmap Metasploit Subfinder Amass dirsearch FFUF sqlmap

πŸ›‘οΈ Security Domains

OWASP Top 10 API Top 10 IDOR SSRF XSS SQLi JWT Attacks Business Logic

πŸ–₯️ Operating Systems

Kali Linux Ubuntu Windows

πŸ† Certifications

Cybersecurity – Microsoft x Sprints Summer Camp Jul 2025
Microsoft SC-900 – Security, Compliance, and Identity Fundamentals Sep 2024
Cisco Ethical Hacker Jul 2024
Google Cybersecurity Professional Certificate Jun 2024
Ethical Hacking Apr 2024
Python Programming Apr 2024
HTML & CSS Feb 2023
C++ Jan 2023

> CONTACT

root@0xMarvul:~$ cat contact.txt

πŸ“§ marwankhodair0@gmail.com
πŸ“± +20 111 143 9728
πŸ’Ό linkedin.com/in/marwan-khodair
πŸ™ github.com/0xmarvul