eJPT Certified · Top 12 NCSC Jordan

BaderAlzoubi

Cybersecurity Specialist · Penetration Tester · IT Infrastructure

Offensive security practitioner with real hands-on depth — from founding a national CTF team to disclosing critical vulnerabilities and deploying edge IoT security systems from scratch.

Get In Touch GlitchPub ↗

There’s a Glitch Wherever You Look

bad👑₲lï†¢h👑bad:~$ cat profile.json

{

"name": "Bader Alzoubi",

"role": "Cybersecurity Specialist",

"cert": "eJPT — INE Security",

"location": "Jordan 🇯🇴",

"team": "Team Glitch",

"ncsc_rank": "Top 12 — Jordan",

"bug_bounty": true,

"blog": "glitchpub.com"

}

bad👑₲lï†¢h👑bad:~$

Technical Arsenal

Skills & Capabilities

Offensive Security

Penetration TestingVuln Assessment ExploitationPrivilege Escalation Post-ExploitationReverse Engineering Malware AnalysisDigital Forensics

Web Security

Blind SQL InjectionWAF Bypass XSSIDOR OWASP Top 10Burp Suite SQLMapFFUFGobuster

Network & Infrastructure

TCP/IPOSI Model VLANsRouting & Switching WiresharkNmap FortinetCisco IOS

Exploitation & Frameworks

MetasploitExploit-DB Manual ExploitationCVE Research Active DirectorySIEM Concepts Threat Hunting

Automation & Development

PythonBash Scripting JavaScriptPHP C/C++Socket Programming Browser Extensions

Embedded & Systems

Raspberry PiLinux Admin DockerIoT Integration ARM HardwareSOC L1 Incident Response

Build & Research

Projects & Achievements

★ Capstone · JUST 2026

UniSec-Edge — IoT Edge Security System

A unified, low-cost edge cybersecurity framework built on Raspberry Pi 5, targeting SOHO and IoT environments where traditional security infrastructure is inadequate or cost-prohibitive.

Raspberry Pi 5Suricata IDS Tor GatewayHoneypot DockerARM Hardware

Deployed containerized stack: Suricata IDS + selective Tor gateway + high-interaction honeypot — simultaneously on ARM with minimal latency.
Cross-referenced IDS and honeypot logs to reduce false-positive alert rates against evolving threat patterns.
Proved viability of ARM embedded devices as enterprise-capable security hardware with deep packet inspection.
Delivered encrypted traffic analysis at a fraction of traditional appliance cost.

Leadership · Competitive CTF

Team Glitch — NCSC Cyber Warriors

Founded and led a competitive cybersecurity team across 3 consecutive NCSC-Jordan national competition editions.

Top 12 national ranking in Jordan — among the strongest cybersecurity teams in the country.
Directed strategy across web exploitation, penetration testing, reverse engineering, and network forensics.

CTFPenetration Testing Reverse EngineeringNCSC Jordan

Bug Bounty · Responsible Disclosure

Critical Infrastructure Vulnerability

Identified and responsibly disclosed a critical security vulnerability in a university's internal infrastructure.

Developed proof-of-concept confirming impact and risk severity before reporting through official channels.
Awarded a financial bug bounty; delivered structured remediation guidance for security hardening.

Manual AnalysisPoC DevelopmentRemediation Report

Web Pentesting · Research

Blind SQLi & WAF Evasion Research

Engineered and executed Blind SQL Injection attack chains against target applications without direct error-based feedback.

Applied WAF bypass techniques: parameter obfuscation, encoding manipulation, HTTP header injection.
Documented all findings in structured reports with CVSS severity and remediation steps.

Blind SQLiWAF Bypass SQLMapManual Exploitation

Development · Automation

Browser-Based Automation System

Designed a local browser extension from scratch to automate repetitive operational workflows with near-complete process control.

Engineered event-driven logic for dynamic page states, data extraction, API interaction, and automated sequences.
Significantly reduced manual overhead across multi-step workflows with zero external dependencies.

JavaScriptBrowser APIsEvent-Driven

Publication · Research

GlitchPub — Technical Security Blog

Founded and maintain a technical security publication covering CTF writeups, penetration testing walkthroughs, and offensive security research.

Targets the practitioner community — bridging raw technique with structured, reproducible methodology.
Published coverage of vulnerability research and offensive tradecraft.

CTF WriteupsVuln Research Technical Writing glitchpub.com ↗

Work History

Professional Experience

2021 – 2023 · 2 Years 4 Months

Safety & Security Operations Specialist

Multi-Regional Operations

Monitored and triaged live safety and security incidents across multi-regional operations, applying structured incident response procedures to mitigate risk in real time.
Operated in a SOC-adjacent capacity — evaluating incoming security events, escalating critical cases with precise documentation and timeline reconstruction, coordinating with cross-functional teams under strict SLAs.
Served as Floor Support lead, providing live operational guidance during high-pressure incidents and building crisis communication skills directly transferable to a Security Operations Center.
Managed high-volume bilingual (Arabic/English) security communications with accuracy under sustained operational pressure.

Education

Bachelor of Science in Cybersecurity

Jordan University of Science & Technology (JUST) · Irbid, Jordan

Coursework spanning network security, reverse engineering, cryptography, digital forensics, and secure software development — complemented by active lab practice, competitive CTF participation, and the UniSec-Edge capstone project.

Network SecurityReverse Engineering CryptographyDigital Forensics

2022 – Present