Security researcher passionate about uncovering and addressing critical vulnerabilities in complex technology implementations. I specialize in mobile security (Android/iOS/VoLTE), vulnerability research, fuzzing, and bug bounty hunting. Based in Abu Dhabi, I have discovered critical CVEs affecting millions of users and regularly present research at security conferences.
|
π― Current Focus
|
β‘ Quick Stats
|
| CVE | Severity | Target | Impact |
|---|---|---|---|
 |
π΄ Critical | iOS VoLTE Stack | Remote exploitation via crafted VoLTE packets |
 |
π High | PhantomJS | Arbitrary file read via crafted web content |
π Full security research β Disclosed Online Profile Β· Conference Talks
π± Mobile Security
π¬ Vulnerability Research & Fuzzing
π Web Application Security
π Recon & OSINT
π» Programming & Scripting
βοΈ Cloud & DevSecOps
π΄ CVE-2019-17221
PhantomJS Arbitrary File Read Exploit & PoC for CVE-2019-17221 β arbitrary file read via crafted web content in PhantomJS headless browser. |
π€ AIDL_Fuzzer
Android AIDL Interface Fuzzer Custom Python fuzzer targeting Android AIDL IPC interfaces. Used in research leading to CVE-2021-31001. |
π go-SCAN
Recon Automation Suite Bash-orchestrated recon pipeline using Go-based tools (nuclei, subfinder, httpx). Fast attack surface mapping. |
π± AndroidAIDLFuzzer
On-Device AIDL Interface Fuzzer Kotlin-based on-device fuzzer for Android AIDL interfaces. Runtime IPC surface discovery & fuzzing. |
π‘οΈ mobiletools
Mobile Security Assessment Toolkit Collection of automation scripts for mobile security assessments β Android & iOS testing workflows. |
π€ Talks
Conference Research Slides Collection of security conference presentation slides covering mobile security, CVE research, and fuzzing. |
Presented at HITB, Black Hat MEA, RomHack, Hack.lu, Hacktivity, BSides, Ekoparty, and more.
| Year | Conference | Talk | Slides |
|---|---|---|---|
 |
IDSS'26 | Deep Dive into Building Next-Gen Local AI Security Reviewers | π |
 |
Black Hat MEA 2025 | FalconEYE β Local LLM Powered Code Review | π |
 |
Hack.lu 2025 | Breaking into Android IPC Mechanisms through AIDL Fuzzing | π |
 |
HITB Bangkok | AI-Assisted Code Review | π |
 |
BSides Ahmedabad 0x05 | Breaking into Android IPC Mechanisms through Advanced AIDL Fuzzing | π |
 |
RomHack Β· HITB HKT Β· BSides AMD | Hacking into iOS's VoLTE Implementation (CVE-2021-31001) | π π π |
 |
NoNameCon Β· Ekoparty Β· Hacktivity | Demystifying the Server Side | π |
 |
Null Dubai | SSRF β Make the Cloud Rain | π |
security_researcher:
name: h4ckologic
specializations:
- "π± Mobile Application Security (Android & iOS)"
- "π‘ VoLTE / Telecom Protocol Security"
- "π¬ Binary Fuzzing & Vulnerability Discovery"
- "π΅οΈ Bug Bounty Hunting (HackerOne / Bugcrowd)"
- "𧬠AIDL / IPC Interface Fuzzing (Android)"
- "π Secure SDLC & Threat Modeling"
- "βοΈ Cloud & Container Security (K8s / Docker)"
- "π Web Application Security (OWASP Top 10)"
- "π Recon & Attack Surface Mapping"
- "π CVE Research & Responsible Disclosure"
- "π€ Security Conference Speaking"
- "π‘οΈ DevSecOps & CI/CD Pipeline Security"
- "π© SAST / DAST / IAST Implementation"
methodology: "Offense-informed Defense β break it to secure it"
disclosure_policy: "Responsible Disclosure via CVD Programs"
