0xCyberY | Abdullah Baghuth — Cybersecurity Engineer
🟢 Available for Security Engagements

Abdullah Baghuth

// Senior Security Engineer @ COGNNA · Riyadh, SA

Security Architecture · Detection Engineering · DFIR · Cloud Security (GCP) · Published CVE Researcher


Who I Am

Senior Security Engineer with 5+ years of experience across security architecture, detection engineering, and digital forensics & incident response (DFIR). I specialize in securing enterprise and cloud environments on GCP, optimising EDR stacks, and engineering detection coverage in Google SecOps (Chronicle).

At COGNNA (Riyadh) I lead security architecture design, build SIEM detection rules and dashboards, automate workflows with n8n, and manage the full incident lifecycle — from compromise assessment to remediation tracking. I have also published three critical CVEs (CVE-2022-2921, CVE-2022-2927, CVE-2022-2888) through responsible disclosure on Huntr.dev.

A strong believer in the power of open knowledge — every CVE report, blog writeup, and open-source tool is my contribution back to the community that shaped me.

🛡️ Core Competencies

Cloud Security (GCP)
Security Architecture
Google SecOps / Chronicle
DFIR & Velociraptor
Threat Detection & Hunting
EDR Management
MITRE ATT&CK
Python / PowerShell / Bash
DevSecOps & CI/CD
Vuln. Management
Security Automation (n8n)
CVE Research

Featured Work

🔐

Ethical Hacking Toolkit (EHTK)

A comprehensive open-source collection of tools, cheat sheets, and resources for ethical hackers and penetration testers. Covers CEH, OSCP, eCPPT, and PNPT frameworks — battle-tested in real engagements.

#PenetrationTesting #OSCP #OpenSource
View Project →
🐧

Linux Commands Reference

A curated, practical guide to the most essential Linux commands for security professionals and system administrators — battle-tested in real pentesting engagements and designed for rapid field reference.

#Linux #Sysadmin #CLI
View Project →
📊

Elastic-Case BlueTeam Challenge

Published SOC/Blue Team challenge on CyberDefenders using the ELK stack. Helps defenders practice real-world incident response, log analysis, and threat hunting scenarios in a safe environment.

#BlueTeam #SIEM #SOC
View Project →
🗺️

MITRE ATT&CK Research & Tooling

Active research and contributions to MITRE ATT&CK-aligned tooling and threat modeling. Uses Mitre-Assistant to map adversary TTPs, build detection strategies, and validate security controls.

#MitreATTCK #ThreatIntel #PurpleTeam
View Research →
✍️

Cybersecurity Blog

Technical writeups covering malware analysis, Windows internals, DFIR techniques, CTF walkthroughs, and adversary simulation — all freely shared with the community to advance collective knowledge.

#Blogging #CTF #DFIR
Read Blog →

Certifications & Achievements

✅ Certified

Google Cloud Security

Professional Cloud Security Engineer

Google PCSE

Validates expertise in designing and implementing secure infrastructure on GCP — IAM, data protection, network security, and governance controls.

Verify Credential →
✅ Certified

Google SecOps Engineer

Professional Security Operations Engineer

Google PSOE

Validates expertise in security operations, threat detection, Chronicle SIEM, and building detection-as-code pipelines in Google SecOps.

Verify Credential →
✅ Certified

CCD

Certified CyberDefender — CyberDefenders

Certified CyberDefender

Demonstrates Blue Team skills in threat hunting, SOC operations, log analysis, and incident response across real-world scenarios.

View Platform →
✅ Certified

CEH v11

Certified Ethical Hacker — EC-Council

CEH v11

Covers all 20 ethical hacking domains — from footprinting and network scanning to malware analysis and social engineering.

Verify Credential →
✅ Published

CVE Researcher

Huntr.dev · 3 Critical CVEs

CVE-2022-2921 · 2927 · 2888

Published three critical CVEs through responsible disclosure on Huntr.dev. Collaborated with development teams to guide mitigation strategies.

View Profile →
✅ Author

CyberDefenders

Blue Team Challenge Author & CCD

CyberDefenders Contributor

Published the Elastic-Case Blue Team challenge using the ELK stack. Helps SOC analysts practice real-world incident response and log analysis.

View Challenge →

🔗 For verified credentials visit linkedin.com/in/abdullah-baghuth

Let's Connect

$ whoami --contact

Whether you're looking for a penetration tester, want to collaborate on security research, or just want to talk about the latest threat landscape — my inbox is always open.

📧 abdullahsalem7737@gmail.com

© 2025 Abdullah Baghuth · 0xCyberY · Built with ❤️

Riyadh, Saudi Arabia  ·  GitHub  ·  LinkedIn