Skip to content
View kassemfrache-sec's full-sized avatar

Block or report kassemfrache-sec

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
kassemfrache-sec/README.md

Kassem Frache

Cybersecurity Student · Aspiring Penetration Tester
Web Application Security · Red Teaming · Networks

👋 About me I'm a cybersecurity student focused on the offensive side of security penetration testing, web application security, and red teaming. What pulled me in was curiosity: understanding how attacks actually work, how systems get compromised, and what's really happening beneath the surface. Learning to think like an attacker has changed how I see every system around me. My goal is to grow into a professional penetration tester, and this GitHub is where I document the journey.


Currently learning:

image Linux/Windows fundamentals (CLI, PS)

image Networking (OSI model, Protocols, Ports, etc)

image Active Directory

image Adversarial Methodology

image Defensive Methodology

image Web application vulnerabilities (OWASP Top 10)

image Python & Bash scripting for security


🛠️ Toolbox (learning)


🎯 Practicing on

VMware


📚 Lab write-ups — Write-ups

📚 Learning Logs — Ongoing study notes


🗺️ Roadmap

image TryHackMe Path

Paths Status
Pre Security 🏃 In-Progress
Cyber Security 101 Not started
Jr Penetration Tester Not started
SOC Level 1 Not started

image PortSwigger Path

Paths Status
Web cache deception Not started
WebSockets vulnerabilities Not started
Authentication vulnerabilities Not started
Server-side request forgery attacks (SSRF) Not started
Prototype pollution Not started
Clickjacking (UI redressing) Not started
GrapgQL API vulnerabilities Not started
Cross-origin resource sharing (CORS) Not started
Path traversal Not started

📜 In-progress certifications

Certifications Status Source
SEC0 Not acquired TryHackMe
PT1 Not acquired TryHackMe
SAL1 Not acquired TryHackMe
eJPT Not acquired INE Security
CompTIA Network+ Not acquired CompTIA
CompTIA Security+ Not acquired CompTIA

📫 Connect

"You can't defend what you don't understand."

Popular repositories Loading

  1. kassemfrache-sec kassemfrache-sec Public

    AboutMe

  2. write-ups write-ups Public

    This is where I document any labs and CTFs I solve in the future (Also still under construction 🥲)

  3. learning-journal learning-journal Public

    What I learn across many platforms and paths (Still under construction 😁)