Khaled Nassar is an Offensive Security Engineer with 7 years of hands-on experience in penetration testing, security automation, and DevSecOps integration, currently leading Security R&D. He has delivered assessments across web, mobile, APIs and network stacks while building ASM, PTaaS and dark web monitoring solutions that streamline CI/CD security practices. Proficient in Python, JavaScript, Rust, C, Java and Bash, Khaled contributes open-source tooling—such as backend work on SQLiDetector and ScanT3r—that automates vulnerability discovery and reporting. His background spans bug bounty hunting at HackerOne to commercial engagements, giving him a pragmatic attacker-first perspective that drives actionable remediation. Based in Egypt with a law degree, he combines technical depth with an uncommon appreciation for compliance and threat surface management.
7 years of coding experience
2 years of employment as a software developer
Bachelor of Laws - LLB, Law at Tanta University
Contributions: 29 releases, 2 reviews, 707 commits in 1 year 8 months
Contributions summary: Khaled primarily focused on developing the backend API and functionality for the ScanT3r tool. His commits show work on API endpoints using Flask, including index.html, and on added features such as the '-f' option, which parses and uses headers from a file. He also contributed to the tool's core functionality, updating its data and implementing different modules in Python.
Simple Python script, supported by a BurpBounty profile, that helps you detect "error-based" SQL injection by sending multiple requests with 14 payloads and checking the responses against 152 regex patterns for different databases.
Role in this project:
Backend Developer
Contributions: 1 review, 18 commits, 7 PRs in 9 days
Contributions summary: Khaled primarily focused on developing the core functionality of the SQL injection detection tool. His contributions include setting up the application structure, defining command-line interface options, integrating error detection logic, and writing report generation capabilities. He also introduced headers configuration and improved overall code quality by applying formatting.