l3benn

Chiheb MAHFOUDH

Security researcher & CTF enthusiast

Second-year Computer Networks and Telecommunications student at ISETCOM with a strong passion for Offensive Security, Penetration Testing, Active Directory security, and Red Teaming. Holder of industry-recognized certifications including HTB CPTS, HTB CWES, and CRTP. Hands-on experience through CTF competitions, challenge authoring, enterprise AD labs, and DevSecOps internship experience integrating security into CI/CD pipelines.

6Writeups
3Certifications
3Cheatsheets

Latest Writeups

Continue Y/N — Cyber Maze Challenge V25

Multi-step exploitation chain: LFR → JWT forgery → SSRF → SQLi → RCE

ctfweblfijwt

How I Conquered the HTB CWES Exam in 3 Weeks

From Active Directory to bug bounties — my CWES certification journey

cert-journeycweshtbweb

SheSecured CTF — Access Denied

SSRF bypass using redirect rebinding to access internal endpoints

ctfwebssrfredirect

SheSecured CTF — Fama Mino?

SQL injection, LFI, and PHP filter chain to gain RCE

ctfwebsqlilfi

SheSecured CTF — Injection

Simple command injection in a ping utility

ctfwebcommand-injection

Ramadan's Spark CTF 2025 — Secure BankSys

SQL injection on a banking application

ctfwebsqli
View all writeups →

Explore