B.Sc. Computer Science. Cybersecurity bootcamp trainee at Tuwaiq Academy with prior security-related traineeships. Comfortable with defensive security, vulnerability assessment, web and API topics, mobile and reverse-engineering style projects, CVE research, and day-to-day server work with Git, CI/CD, and Nginx.
Logs, exploits, and the discipline to protect what people rely on that is the work I chose.
— Mohamed AlAbiya · About the path
From Najran University to Tuwaiq Academy, building toward blue team work, DFIR, and production security in Saudi Arabia.
Recent roles include data center operations at Abaja Contracting and vulnerability scanning at Delta Line. Public work spans CVE research, DFIR labs, Android security tooling, and day-to-day ops with ELK, Splunk, Linux, and Nginx.
Authentication and MFA bypass research with public documentation.
2025Chained web exploitation through shell access to privilege escalation.
2025Captive portal for Android Hotspot, supports Android, iOS, macOS, Windows.
2026Server-side vulnerability analysis and educational proof of concept.
2025Android reverse engineering on APK and runtime memory.
2024Low-level Android memory allocation for tamper and debug scenarios.
2024A 25-question DFIR lab analyzing Windows security logs from Splunk, Elastic, or Event Viewer to trace the attacker through persistence and lateral movement.
2026
Blue team concepts, hardening, least privilege, backups. ELK Stack and Splunk for log search, dashboards, and monitoring. Linux and Windows servers, Nginx, general server administration.
Vulnerability scanning and manual checks, including Nmap. Penetration testing practice in labs and on real applications. Common web issues framed with OWASP-style awareness.
Web and API security, sessions, JWT, NextAuth.js where relevant. Mobile security basics on Android and iOS from a review perspective. OAuth2, SSO, and role-based access control.
Python, Bash, SQL, Git workflows, CI/CD pipelines, Docker basics. Reverse engineering, CVE research and proof of concepts. TryHackMe and CSRF labs.
Najran University (NU). June 2025.
Foundations of Cybersecurity (Google). OSDA (SOC-200) (OffSec). PEN-100 (OffSec).
AWS Cloud Technical Essentials (Amazon Web Services). CompTIA Data+ (Infosec). Data Analysis: Basic Probability and Statistics (Harvard University).
Cybersecurity and social implications (University of Valencia). Python Programming: Basic Skills (Codio). DDoS Attacks and Defenses (University of Colorado). Hardware and Operating Systems (IBM).
Book a job interview or consultation below - no login required. Your account is created automatically via device fingerprint.
