About Me

  • Full Name:Tahaa Farooq
  • Phone:+255 XXX XXX XXX
  • Email:[email protected]
  • Website:www.tahaafarooq.dev
  • Address:[REDACTED]

Hello There!

I am a seasoned cybersecurity professional with a distinguished track record, possessing certifications including eJPT, eCPPT, OSCP, CRTP, and multiple HTB Pro Labs Certifications. Boasting nearly five years of industry experience, my primary focus is on red team operations and adversary emulations. I have collaborated with diverse organizations across sectors such as Finance, Education, Health, and Government, employing a proactive approach to securing client assets with the guiding principle "I SECURE SYSTEMS TO STRENGTHEN DEFENSES."

In addition to my cybersecurity specialization, I am a passionate programmer and software developer. My expertise extends to the development of web/mobile applications, APIs, games, desktop applications, and embedded software. This dual proficiency enables me to create software and tools that contribute to the cybersecurity domain. Notable projects include Param-Ninja, Artemis, PAM, and FlameBox; for a comprehensive overview of my repositories, I invite you to explore my Github profile.

Moreover, I hold three CVEs under my name, validating my commitment to identifying and addressing critical vulnerabilities. These CVEs are: "CVE-2023-43960", "CVE-2023-43959" and "CVE-2023-52275". My dedication to research extends to exploring both emerging and established cybersecurity threats, further showcased on my blog.

In summary, my multifaceted skill set, industry experience, and commitment to excellence make me a valuable asset in cybersecurity and software development. For further insights into my work, projects, and research, please visit my GitHub profile and blog.

My Resume

  • Work Experience

  • CyberSecurity Analyst/Researcher

    Tanzania Communications Regulatory Authority (TCRA) [TZ] - 2021 [DEC] - 2024 [PRES]

    Perform researches on emerging technology as well as known technologies, but also perform pentest on provided assets and perform threat intelligence to oversee threats as well as collaborate with TZ-CERT!

  • Malware Analysis & Reverse Engineering Author

    eForensics Magazine [PL] - 2022 - 2022 [Dec]

    Author in deep topics in malware analysis and reverse engineering concepts.

  • Penetration Testing Team Lead

    Hack-IT Consultancy [TZ] - 2021 - 2022

    Orchestrating the team in performing a comprehensive penetration testing exercise.

  • CyberSecurity Content Engineer

    Hack-IT Consultancy [TZ] - 2020 - 2021

    Author and manage CTFs and servers hosting and deploying CTF challenges.

  • Education

  • BsC in Computing


    Pursue my bachelor's degree at [redacted] university

  • Certifications

  • Certified Red Team Operator

    Zeropoint Security - [June] 2024

    Passed the exam and got certified with CRTO.

  • Offensive Security Wireless Professional

    OffSec - [MAY] 2024

    Passed the exam and got certified with OSWP.

  • Kali Linux Certified Professional

    OffSec - [APR] 2024

    Passed the exam and got certified with KLCP.

  • Offensive Security Certified Professional

    OffSec - [Aug] 2023

    Passed the exam and got certified with OSCP.

  • eLearnSecurity Junior Penetration Tester

    INE Security - [MAR] 2023

    Passed the exam and got certified with eJPT.

My Services

Software Development

Transform your concept into reality with tailored software solutions!

Red Team & Adversary Emulation

Elevate your cybersecurity defense with strategic red teaming and adversary emulation services.

Malware Analysis

Unlock insights into cyber threats: Discover how intruders gained access and fortify your defenses against ransomware and malware.

Penetration Testing

I'll give to you the most comprehensive thorough pentest you have ever had unless it's from Mandiant 🥲


Empower your team with tailored cybersecurity education—suitable for groups exceeding 10 participants. Covering a diverse array of concepts and topics, I offer comprehensive training sessions to enhance your team's proficiency in cybersecurity.


Navigating the cybersecurity landscape for your business can be complex. If you find yourself seeking guidance and insights tailored to your specific challenges, my consultation services are at your disposal.

My Recent Blogs

Here is a list of what I recently just wrote on about my researches and activities I come accross the internet

Reverse Engineering Solar-PuTTY

Solar-PuTTY is a standalone free terminal emulator and network file transfer tool based on the well-known PuTTY for Windows. ... Basically it can ...

Bypassing Gallery3D in Tecno Camon X

Bypassing Gallary3D (Hidden Images Feature) In TECNO Camon X. A lil' Bit About It; Let The Fun Begin.

YeaLink Auth Command Injection

Just unconvered a vulnerability that existed in Yealink SIP-TXXX, This vulnerability leads to RCE , but it's Authenticated meaning you must be ...