// Open to opportunities

Alaaeddine Knani

Offensive Security Engineer with 5+ years of experience identifying and mitigating security vulnerabilities. 4x CVE publisher, CTF champion across MENA and global competitions. Passionate about breaking things to make them stronger.

Get in Touch Download Resume LinkedIn GitHub

0

CTF 1st Places

0

Years Experience

0

CVEs Published

0

Certifications

// About Me

Who Am I?

$ whoami

alaaeddine.knani


$ cat role.txt

Offensive Security Engineer @ ODDO BHF

Cybersecurity Consultant (Freelance)


$ cat location.txt

Tunis, Tunisia


$ echo $LANGUAGES

Arabic (Native) | English (Bilingual) | French (Bilingual)


$ cat education.txt

B.Eng Network Security - Tek-Up University

B.Sc Computer Networks - ISITCom Sousse

Breaking Systems to Build Stronger Ones

I'm a cybersecurity professional with a deep passion for offensive security, vulnerability research, and competitive hacking. I've spent years dissecting systems at ODDO BHF while dominating CTF competitions across the MENA region.

My work spans proactive vulnerability management, secure code review, SIEM deployment aligned with ISO 27001, and cyber threat intelligence. As a freelance consultant, I investigate cyber threats and build resilient defense strategies.

Offensive Security Incident Response Threat Intelligence SIEM / ISO 27001 Secure Code Review Digital Forensics

// Experience

Work History

March 2023 - Present

Offensive Security Engineer

ODDO BHF — Tunis, Tunisia

  • Collaborate with security teams on proactive vulnerability management, secure code review, and Cyber Threat Intelligence (CTI) initiatives
  • Deploy and manage SIEM solutions aligned with ISO 27001 standards to strengthen security posture and streamline threat detection & response
  • Work within teams of 25-30 members to protect and harden digital assets
June 2021 - Present

Cybersecurity Consultant

Freelance — Remote

  • Investigate cyber threats and formulate protection strategies including incident response and data recovery protocols
  • Conduct system penetration tests to identify vulnerabilities and harden defenses, ensuring the protection of critical information

// Arsenal

Skills & Tools

🔍

Offensive Security

Penetration Testing Web Exploitation Threat Modeling Risk Assessment
🔬

Digital Forensics & IR

Forensic Analysis Incident Response Volatility Autopsy
🛠

Security Platforms

QRadar (SIEM) CrowdStrike Checkmarx Reporting & Docs
💻

Operating Systems

Unix / Linux Windows macOS

// Hall of Fame

CTF Achievements

Competing and winning across international cybersecurity competitions

🏆
1st Place

CSAW MENA Finals

2024 — Abu Dhabi

🏆
1st Place

CyberTek CTF

2025

🏆
1st Place

SPARK CTF

2024

🏆
1st Place

Al-Farahidi Cybersecurity Competition

2023 — Arab ICT Organization

🥈
2nd Place

CSAW MENA

2022 — Qualified to Dubai

🏆
1st Place

CyberTalents Tunisia

2020 — Qualified to Egypt

🏆
1st Regional • 5th Worldwide

Securinets CTF

2020

🏆
1st Place

National Cybersecurity Congress CTF

2020

// Security Research

CVE Discoveries

Vulnerabilities responsibly disclosed and assigned CVE identifiers

CVE ID Vulnerability CVSS Date
CVE-2026-1512 Essential Addons for Elementor <= 6.5.9 — Authenticated (Contributor+) Stored Cross-Site Scripting via Info Box Widget 6.4 Feb 13, 2026
CVE-2026-1271 ProfileGrid <= 5.9.7.2 — Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Profile and Cover Image Modification 5.3 Feb 4, 2026
CVE-2026-1210 Happy Addons for Elementor <= 3.20.7 — Authenticated (Contributor+) Stored Cross-Site Scripting via '_elementor_data' Meta Field 6.4 Feb 2, 2026
CVE-2025-68999 Happy Addons for Elementor <= 3.20.4 — Authenticated (Contributor+) SQL Injection 8.5 Jan 23, 2026

// Credentials

Certifications

🖥

CDAPen

The SecOps Group • #10991584

February 2026

🔐

CAPenX

The SecOps Group • #10962757

February 2026

📱

CMPen-Android

The SecOps Group • #10857491

December 2025

🌐

eWPTXv3

INE Security • #144374037

May 2025

💻

ISO 27001 Lead Implementer

PECB • ISPI1139769-2023-12

December 2023

🛠

eJPTv2

INE • #3a79731b

April 2023

// Get in Touch

Let's Connect

Open to security consulting, CTF collaborations, and new opportunities

Email

knaniaalaeddine@gmail.com
👥

LinkedIn

knani-alaaeddine
📞

Phone

(+216) 26 909 519