Skip to content
View AliAlMansorisec's full-sized avatar

Block or report AliAlMansorisec

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
AliAlMansorisec/README.md

Typing SVG


▸ About Me

Name        : Ali Al-Mansori
Handle      : AliAlMansoriSec
Role        : Security Researcher / Offensive Security Analyst
Speciality  : Web • API • Android Security • Bug Bounty
Experience  : Since 2023
Platform    : الفكر السيبراني — Cybersecurity Education (Arabic)
Status      : Open to Remote Freelance & Collaboration

▸ Skills & Tools

— Exploitation & Testing —

— Recon & OSINT —

— Android & Mobile —

— Automation & Scripting —

▸ Projects

# Project Description Status
01 🧭 Web Pentest Methodology Full professional workflow: Recon → Enumeration → Exploitation → Reporting ✅ Active
02 ⚙️ WPT-Workflow-Manager Automation scripts for pentest workflow, project structure & recon ops ✅ Active
03 📖 OWASP Web Top 10 — Deep Dive Full notes per vulnerability: definition, real examples, detection, exploitation, fix 🔄 In Progress
04 🔌 OWASP API Security Top 10 Complete API security notes with labs: crAPI, DVWS, PortSwigger 📅 Planned
05 📱 Android Pentesting Notes Methodology + tools + real APK analysis labs 📅 Planned
06 🏆 CTF Writeups Documented solutions for TryHackMe, HackTheBox, and competitions 📅 Planned
07 🐛 Bug Bounty Findings Real-world vulnerability reports (HackerOne / Bugcrowd) 📅 Planned

▸ Knowledge Base (Self-Study Certifications)

No certification is just a paper — here is the actual knowledge, documented.

Certification Topics Covered Notes Status
eJPT (eLearnSecurity) Network pentesting, web basics, enumeration 📁 Notes 📅 Planned
OSWA (Offensive Security) Web app attacks, advanced exploitation 📁 Notes 📅 Planned
PNPT (TCM Security) Full pentest cycle, reporting, OSINT 📁 Notes 📅 Planned
CEH Security concepts, ethical hacking theory 📁 Notes 📅 Planned

▸ Roadmap

2023 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ NOW
  │
  ├─ ✅  Web Pentesting Foundation
  ├─ ✅  Built: Web Pentest Methodology (GitHub)
  ├─ ✅  Launched: الفكر السيبراني Platform
  ├─ ✅  Tools Mastery: Burp, Nmap, SQLMap, FFUF, Nuclei
  │
  ├─ 🔄  OWASP Web Top 10 — Full Documentation
  ├─ 📅  OWASP API Security Top 10 — Full Documentation
  ├─ 📅  Android Pentesting — Notes & Labs
  ├─ 📅  CTF Writeups (TryHackMe / HackTheBox)
  ├─ 📅  Bug Bounty — First Finding (HackerOne / Bugcrowd)
  ├─ 📅  Build Volunteer CTF Team (الفكر السيبراني community)
  └─ 📅  Remote Freelance Position — Web & API Pentester

▸ Portfolio

🌐 Personal Portfolio

Personal cybersecurity profile
showcasing skills, projects, and research.

🔗 your-personal-site.com

🧠 الفكر السيبراني

Arabic cybersecurity education platform.
Tutorials, blog content, and security services.

🔗 cyber-thought.vercel.app/ar

▸ GitHub Stats

▸ Connect

Popular repositories Loading

  1. Web-Pentest-Methodology Web-Pentest-Methodology Public

    Web Penetration Testing Methodology by Ali Al-Mansori — web-pentester and Bug Bounty Hunter

    Shell 1

  2. PortSwigger-Writeups PortSwigger-Writeups Public

    "PortSwigger lab write-ups with clear steps, analysis, and remediation. Sharing knowledge to help others learn"

  3. OWASP-Top-10-2025 OWASP-Top-10-2025 Public

    Advanced OWASP Top 10 (2025) Web Security Notes & Pentesting Methodology with real-world attack mindset, practical discovery techniques, and offensive security workflows.

  4. AliAlMansorisec AliAlMansorisec Public

  5. AliAlMansorisec.github.io AliAlMansorisec.github.io Public

    HTML

  6. ecommerce ecommerce Public