╔═══════════════════════════════════════════════════════════════╗
║ ║
║ ░█████╗░██╗░░██╗███╗░░░███╗░█████╗░██████╗░ ║
║ ██╔══██╗██║░░██║████╗░████║██╔══██╗██╔══██╗ ║
║ ███████║███████║██╔████╔██║███████║██║░░██║ ║
║ ██╔══██║██╔══██║██║╚██╔╝██║██╔══██║██║░░██║ ║
║ ██║░░██║██║░░██║██║░╚═╝░██║██║░░██║██████╔╝ ║
║ ╚═╝░░╚═╝╚═╝░░╚═╝╚═╝░░░░╚═╝╚═╝░░╚═╝╚═════╝ ║
║ ║
║ Penetration Tester · Bug Hunter · Builder ║
╚═══════════════════════════════════════════════════════════════╝
$ whoami
ahmad-essam
$ cat /etc/profile.d/bio.sh
NAME="Ahmad Essam Abu Laban"
ROLE="Cybersecurity & Cloud Computing Student"
UNIVERSITY="Ajloun National University (ANU), Jordan"
FOCUS="Penetration Testing | Bug Bounty | Offensive Security"
LOCATION="Amman, Jordan 🇯🇴"
STATUS="Actively hunting bugs & breaking things (legally)"I'm a cybersecurity student and aspiring penetration tester who believes in learning by doing — CTFs, bug bounty programs, and building tools that solve real problems. Currently deep in the HTB Academy pentest path, working toward CPTS and ultimately OSCP & CWEE.
| 🏆 Achievement | Details |
|---|---|
| 🐛 Bug Bounty | Discovered & responsibly disclosed a critical IDOR (CVSS 8.5) in a live university portal |
| 🏅 HTB University CTF 2025 | Top 370 / 1,014 teams competing globally |
| 🎄 TryHackMe Advent of Cyber 2025 | Completed all challenges |
| 💰 $100 Bug Bounty | Authentication bypass vulnerability — responsible disclosure |
Offensive Security
nmap · Burp Suite · Metasploit · sqlmap · feroxbuster
Hashcat · Netcat · Wireshark · Aircrack-ng
Languages & Scripting
Python · Bash · JavaScript (Node.js)
Cloud & Infrastructure
Linux (Kali / Ubuntu) · Docker · AWS · Git/GitHub
Frameworks & Protocols
TCP/IP · HTTP/S · Active Directory · REST APIs · JWT · OAuth
Zero-dependency HTTP client running entirely in the browser. Supports GET, POST, PUT, DELETE, PATCH with custom headers, query params, and real-time response timing — built for API testing and manual request crafting during web app assessments.
Full-stack Node.js/Express.js tool demonstrating passive data collection from a single HTTP request: IP geolocation, OS, browser metadata, screen resolution, and color depth. A security awareness tool illustrating real-world fingerprinting risks.
Controlled lab using hostapd + dnsmasq to simulate Evil Twin attacks and WPA2 handshake capture. Includes a custom Node.js captive portal demonstrating credential harvesting vectors, with documented enterprise Wi-Fi mitigation strategies.
LLM-based automation assistant deployed on AWS EC2, integrating external APIs and custom pipelines for task scheduling, workflow optimization, and real-time data retrieval.
[*] HTB Academy — Penetration Tester Job Role Path
[*] Target Certification: CPTS (Certified Penetration Testing Specialist)
[*] Long-term Goal: OSCP & CWEE
$ echo "Open to: Collaboration · CTF Teams · Internships"
📧 Reach me via LinkedIn → linkedin.com/in/ellprofessor
🌐 Portfolio → ahmad-essam.vercel.app
📍 Based in → Amman, Jordan 🇯🇴
🗣️ Languages → Arabic (Native) · English (Professional)
"I don't memorize tools. I understand systems."