About

About

Hey, I’m Yacine Rahmoun — a pentester, bug bounty hunter, and security researcher.

I’m passionate about offensive security across the full stack — web, API, network, Active Directory, and mobile. I don’t limit myself to one domain; I believe a good attacker understands the whole picture.

I spend my time hunting bugs, breaking into things legally, and constantly learning. This site is where I share write-ups, research, and thoughts along the way.

Certifications

Offensive Security

  • OSEP — Offensive Security Experienced Penetration Tester
  • OSWP — Offensive Security Wireless Professional

HackTheBox

  • CPTS — Certified Penetration Testing Specialist

INE / eLearnSecurity

  • eWPTX — Web Application Penetration Tester eXtreme
  • eCPPT — Certified Professional Penetration Tester
  • eMAPT — Mobile Application Penetration Tester

Altered Security

  • CRTE — Certified Red Team Expert

The SecOps Group

  • CAPenX — Certified Application Penetration Tester Expert
  • CAPen — Certified Application Penetration Tester
  • CMPen-Android — Certified Mobile Penetration Tester (Android)
  • C-APIPen — Certified API Penetration Tester

HackTheBox Pro Labs

  • RastaLabs — Red Team simulation lab
  • P.O.O — Offshore Active Directory lab
  • Zephyr — Active Directory & cloud attacks
  • Dante — Entry-level full network penetration
  • Hades — Advanced evasion & red team techniques
  • APTLabs — Advanced Persistent Threat simulation

Get in Touch

Feel free to reach out for collaborations, bug bounty tips, or pentest assessments at yacine@bypassed.uk