Security researcher, builder, ultra-trail runner. I break into complex systems for a living, build apps from scratch, and run 80km races for fun.
What I do in every context is the same gesture,go toward what resists, hold on, and come back with something clean. Whether it's a vulnerability buried in a system, 80 kilometers on a trail, or an app built line by line.
I don't do rough drafts. I don't do slow. I chase what most people avoid, and I make it simple.
Penetration Testing
Comprehensive security assessments of web applications, APIs, and infrastructure. I uncover vulnerabilities before attackers do.
Security Consulting
Architecture review, threat modeling, and actionable security guidance for your engineering team.
Training & Talks
Corporate training sessions and conference talks on web security, secure coding, and threat awareness.
Blog↗
Weekly writing about my life, my challenges, what I'm building. A public construction journal,honest, unfiltered.
Recognition
About
I'm Cassim Khouani, 25, based in Paris. Full-time bug bounty hunter specializing in access control and business logic vulnerabilities. Developer, solo entrepreneur, ultra-trail runner.
With over 5 years in cybersecurity, I'm currently ranked in the Top 30 on YesWeHack, Europe's leading bug bounty platform. I'm also active on HackerOne and Intigriti.
I hold a Master's degree in Computer Science from Grenoble INP ENSIMAG, with an exchange at POSTECH in South Korea. My background combines offensive security research with software development.
Get in touch
Looking for a pentester or security consultant? Want to talk about building, running, or breaking things? Reach out.