liix6 (L-966) · GitHub
Skip to content
View liix6's full-sized avatar
  • KSA

Block or report liix6

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
liix6/README.md

🛡 L-966 | Penetration Tester & Security Researcher

Web Security • Offensive Testing • Advanced Exploitation

Cyber GIF

Overview

I specialize in manual penetration testing and uncovering high-impact vulnerabilities through deep analysis of application logic.My focus is not just finding bugs — but turning them into real-world impact.

Aspiring Cybersecurity Researcher dedicated to strengthening national security and technological resilience. Possess deep technical expertise in vulnerability research, error analysis, and identifying critical security flaws with full-impact potential. Driven by a passion for securing sensitive data and fortifying national infrastructure against emerging threats."

  • Strength: Business Logic & Manual Testing
  • 🇸🇦 Mission: Strengthening digital & national infrastructure

🚀 Present Status

  • Still Learning Bug hunting & malware forensics
  • Writing Some Useful Tools For Myself & Communities
  • Currently Learning mobile pentesting & web3

⚔️ Core Expertise

  • Account Takeover (ATO) via logic flaws
  • Authentication & Authorization bypass
  • API Security Testing & API Key Leaks
  • Business Logic Vulnerabilities
  • Sensitive Data Exposure & Internal Mapping
  • Vulnerability Chaining (Multi-step exploitation)

🛠️ Tools & Environment

Recon & OSINT

  • Subfinder / Amass
  • Waybackurls
  • Advanced Google Dorking

💣 Knowledge Tools & Skills

### Web Exploitation

  • Burp Suite Professional (Manual Testing Expert)
  • FFUF (Fuzzing & Discovery)
  • Metasploit
  • Vulnerability Scanners
  • Exploitation Tools

🖥️ Environment

  • Kali Linux
  • Linux / Termux
  • Docker (Custom Labs)
  • Operating Syste
  • Metasploit

📡 Network & Analysis

  • Network Security Testing
  • Wireshark
  • Proxies & Traffic Analysis

Methodology

  • Recon → Attack Surface Mapping
  • Analyze → Break Logic & Trust Boundaries
  • Exploit → Chain Vulnerabilities
  • Impact → Full Compromise

🔴 Real Cases (Sanitized)

Account Takeover (ATO)

  • Improper Token Binding
  • Referer / State Confusion ➜ Full account compromise

Authentication Bypass

  • Token not bound to user/session ➜ Unauthorized access

SSRF

  • Redirect-based blacklist bypass
  • Internal network access (127.0.0.1 / SMB)

2FA/OTP Bypass

  • Client-side validation flaw ➜ Admin panel takeover

Sensitive Data Exposure

  • Next.js metadata leakage ➜ Internal data disclosure

📂 My Work

  • 📁 Recon Methodology
  • 📁 Payload Collections
  • 📁 Bug Reports (Sanitized Writeups)
  • 📁 Wayback & Archived Data Analysis

📊 GitHub Stats

🐍 Contributions Snake

snake

📫 Contact

  • Available for penetration testing & security research

"I don’t hunt for bugs — I hunt for impact."

Popular repositories Loading

  1. Offensive-Recon-Toolkit Offensive-Recon-Toolkit Public

  2. liix6 liix6 Public

  3. bugs-writeups bugs-writeups Public