https://ayoubsafa.com/AppSec Engineer • Security Researcher 2026-02-11T12:58:12+00:00 Ayoub Safa https://ayoubsafa.com/ Jekyll © 2026 Ayoub Safa /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png 2025-01-30T17:00:00+00:00 2025-01-30T17:00:00+00:00 https://ayoubsafa.com/posts/Neo4j_injection_(Cypher-Injection)/ Ayoub Safa

Hi everyone, It’s been a while since I wrote a proper write-up. So recently I came across a class of vulnerability I’d never seen before, even after 10+ years poking at web apps. At first I assumed it was SQL injection, but it wasn’t. It turned out to be Neo4j / Cypher injection, a thing a lot of people overlook. In this write-up, I’ll walk you through how I identified and exploited this vuln...

2023-07-08T16:00:00+01:00 2023-07-08T16:00:00+01:00 https://ayoubsafa.com/posts/SteelCon-Talk-2023/ Ayoub Safa

Most web applications today are protected by WAFs, making it challenging for pentesters to test for payload-based vulnerabilities like SQL Injection and XSS. Additionally, automated tools and scanners can easily identify some of these vulnerabilities, making it even more challenging for bug bounty hunters to find such issues. In this talk, we will discuss a different class of vulnerabilities t...

2023-07-08T16:00:00+01:00 2023-07-08T16:00:00+01:00 https://ayoubsafa.com/posts/Bsides-Leeds-Talk-2023/ Ayoub Safa

Account takeover attacks are a serious threat to individuals and organizations and are becoming increasingly common. In order to stay ahead of cybercriminals, it is important for Developers and Pentesters to have a strong understanding of advanced and uncommon techniques for performing account takeover attacks. In this talk, we will explore a range of techniques that are not commonly known or ...

2021-10-15T18:00:00+01:00 2021-10-15T18:00:00+01:00 https://ayoubsafa.com/posts/Story-of-Command_injection_worth_$7500/ Ayoub Safa

Command injection is a type of vulnerability that allows an attacker to execute arbitrary system commands on a vulnerable server. This type of attack occurs when an application fails to properly validate user input and passes it to a command shell, which can be exploited by an attacker to run malicious commands. Recently, I came across a private program on HackerOne that was vulnerable to comm...

2020-05-07T18:00:00+01:00 2020-05-07T18:00:00+01:00 https://ayoubsafa.com/posts/The-Bad-Twin-a-peculiar-case-of-JWT-exploitation-scenario/ Ayoub Safa

Hey Everyone, Hope you’re doing well. It’s been a While since my first write-up, I hope you learn something new from this one and enjoy it. This post presents a new technique to exploit a bad implementation of JWT under specific circumstances, which allowed me to perform an Account Takeover attack and score a nice $3000 bounty. This is a simple yet very interesting thing I found, that’s why I...