Researcher’s ledger

Abdullah Kareem

known as CyberKareem

Security Researcher
and Penetration Tester

Public sources reviewed
11 Jul 2026

I find security flaws, build practical tools, and explain how systems break.

I’m Abdullah Kareem—CyberKareem—a penetration tester and offensive security researcher working across web, mobile, infrastructure, and coordinated vulnerability disclosure.

Verified public record

published Finder-credited advisories
14
Including 6 public CVE assignments
HTB XP · Level 105
Grandmaster II
Labs: Pro Hacker · global #371

Working method · 02

Research, assess, explain.

01

Research

Find and validate vulnerabilities, coordinate disclosure, and document the public record.

02

Assess

Conduct authorized testing across web, mobile, infrastructure, and Active Directory.

03

Explain

Turn technical impact into clear remediation, practical tools, and useful writing.

Available engagements · 03

Security assessments built around the system carrying the risk.

Defined-scope, authorized testing with reproducible evidence, prioritized reporting, and a clear remediation path.

  • 01Web applications & APIs
  • 02Mobile applications
  • 03Network, identity & wireless
  • 04Smart-contract scope review & specialist referral
  • 05AppSec & security advisory

Public evidence · 04

Selected disclosures

Fourteen published Finder credits, including six public CVE assignments.Open all 14 primary records

Selected work · 05

Practical tools.

Open projects page

Additional repositories remain outside the featured set until their documentation, safety claims, and example data complete a public-readiness review.

Writing archive · 06

The archive is moving home.

The Medium archive is being recovered and reviewed before it becomes an owned library on cyberkareem.com. Only the audited migrated count will be published; new CVE writeups will join the approved labs, tooling, and security-engineering material.

  • Vulnerability research
  • Hands-on labs
  • Tools and methods
View the recovery inventory

Enterprise foundation · 07

Offensive research grounded in operational reality.

Before moving into dedicated penetration-testing and security research roles, I spent eight years working across enterprise IT, infrastructure, and security operations at UNAMI.

That foundation shapes the work today: validate impact carefully, communicate it clearly, and make remediation useful to the people responsible for fixing the system.

  • Researcher
  • Penetration tester
  • Builder
  • Educator
Read the full background

Choose the right path

Authorized assessment or coordinated disclosure.

Commercial enquiries begin with fit and scope. Vulnerability reports begin with a safe private channel. Neither path starts with sensitive detail in public.