DEV Community: MONSIF HMOURI

GhostTalk The Invisible Secure Messenger

MONSIF HMOURI — Wed, 04 Feb 2026 01:55:55 +0000

I’m sharing GhostTalk an experimental offline peer-to-peer secure messaging project I designed and developed.
The project focuses on direct device-to-device communication without servers or internet dependency exploring privacy encryption and decentralized communication in constrained environments.
🔗 Project repository:
https://github.com/monsifhmouri/GhostTalk
https://monsifhmouri.duckdns.org/
http://16.170.214.101:8000/

On the Ignorance and Negligence of Bugcrowd Staff – When Security Becomes a Joke!

MONSIF HMOURI — Mon, 01 Dec 2025 16:28:41 +0000

If you’re a serious security researcher in the Bug Bounty world, you’ve probably experienced this frustration: you spend sleepless nights, reverse-engineering code, discovering a real critical vulnerability (SSRF, info leak, auth bypass, whatever), writing a clear report with PoC and solid evidence. You submit it to Bugcrowd, and then some staff member (calling themselves a “triager” or “security analyst”) replies with a dumb canned response:

“We were unable to identify an immediate security impact, so this submission is not applicable. Please clarify: What could an attacker do?”

And if you reply with a detailed impact analysis, you get another robotic answer:
“We still don’t see direct impact.”

At that point, you start to wonder: Are these people even real security professionals, or are they just reading from a playbook and stalling for time?

Who Are the Bugcrowd Staff and Why Do They Act Like This?

Most of the triage or “support” staff at Bugcrowd aren’t hackers, and often lack hands-on offensive security background. Many are just IT graduates or people with a generic “security certification” or a management title. This is painfully obvious when you see them:

Failing to distinguish between a harmless info leak and a real credential/API/key exposure.

Thinking SSRF is “low risk” even when it gives full backend or AWS metadata access.

Asking you to repeat steps line by line as if you’re a child—or, more likely, because they’re just skimming your report!

Closing reports because they “don’t see immediate impact”, even when you provided direct PoC, screenshots, and logs.

Worst of all: Sometimes, when a European or US-based hacker submits the same vuln (but with pretty English), it’s instantly accepted and rewarded. But if you’re an Arab, African, or Asian researcher? Get ready for endless “not applicable” and “not impactful” responses.
That’s bias—and sometimes, straight-up discrimination disguised as “process”.

Why Is This Behavior Dangerous?

Loss of Trust: When triage is handled by people with no practical security experience, important vulnerabilities are dismissed, putting companies and users at risk.

Wasted Talent: Hundreds of hours spent by skilled researchers get thrown in the trash because of lazy or clueless staff who can’t see the real-world impact.

False Sense of Security: Bugcrowd gives its clients the illusion that they’re secure, while real vulnerabilities go unresolved—until a real attacker shows up!

A Message to Bugcrowd "Triagers" and Staff:

Shame on you! Without real security researchers, your platform is worthless. You’re just a middleman.

If you don’t have hands-on hacking experience, you have no business closing SSRF, key leaks, or other advanced reports.

Apply clear impact criteria to everyone—regardless of nationality, language, or background.

Take every report seriously. Don’t rely on canned responses or close tickets because you’re busy or don’t understand the technical details.

Advice for Real Bug Bounty Hunters:

Don’t let their ignorance demotivate you or convince you that your report is weak. You know the real impact of your work. If they had real offensive experience, they’d recognize the risk immediately.
Keep pushing back, escalate, file support tickets, and share your story (as long as it doesn’t violate NDA). Let the world know:
The real struggle for security researchers isn’t the bugs—it’s the clueless middlemen standing in the way.

Conclusion

Bugcrowd, like many platforms today, is full of triagers with no real-world hacking background. They’re just ticket processors, reading scripts, and the ones who suffer most are real security pros who waste time and energy for nothing.

If you feel frustrated by them, you’re not alone. The hacker community is bigger, smarter, and louder. If you speak up, they’ll have to change—or people will just move to better platforms.

Bugcrowd #InfoSec #CyberSecurity #CTF #EthicalHacking #SecurityResearch #ArabHackers #AfricaHackers #WhiteHat #Vulnerability #SecurityCommunity #BugBounty #SecurityAwareness #HackerLife #StopBias

🚨 BlackSun: Advanced Malware Simulation in C++ for Educational Use

MONSIF HMOURI — Sun, 20 Jul 2025 14:43:29 +0000

🚨 BlackSun: Advanced Malware Simulation in C++ for Educational Purposes

⚠️ Important Notice: This tool is strictly for educational and ethical research purposes only. It must not be used in real-world environments or for any malicious intent.

What is BlackSun?
BlackSun is an open-source project that simulates the behavior of advanced malware threats. It is entirely written in C++ and designed to provide a safe and isolated environment for understanding how real-world cyber threats operate. The project is ideal for learning, testing, and ethical cybersecurity research.

Key Features:

Self-propagation (Worm-like behavior)

AES-256 encryption for secure data handling

Process hollowing technique for stealth execution

Privilege escalation simulation

Advanced evasion and obfuscation methods

Custom payload generation

Self-deletion and anti-forensics capabilities

Getting Started:

Clone the repository from GitHub:
Link: https://github.com/monsifhmouri/BlackSun

Open the project using Visual Studio on a Windows system.

Follow the provided compilation settings in the repository to generate the executable file.

Why This Project Was Created:
BlackSun was developed to:

Safely demonstrate malware behavior in lab environments

Teach process injection and evasion techniques

Analyze privilege escalation methods

Train beginners in malware analysis and reverse engineering

License:
The project is licensed under the MIT License, allowing free use, modification, and distribution for non-malicious purposes.

Legal Disclaimer:
This project is strictly for educational use only.
The author is not responsible for any misuse or damage resulting from the use of this software. Use it at your own risk.

GitHub Repository:
https://github.com/monsifhmouri/BlackSun

Share and Support:
If you find this project useful or interesting, please consider giving it a ⭐ on GitHub and sharing it with the cybersecurity community.

🕷️ BlackHat MCA – Join the Other Side of the Network 🕷️

MONSIF HMOURI — Mon, 14 Jul 2025 21:37:39 +0000

In a world ruled by surveillance, corporate firewalls, and sanitized laws…
We’re not looking for heroes.
We’re looking for black minds — the real hackers.

Who Are We?
We are BlackHat MCA — an unconventional alliance of hackers from Morocco and beyond.
We’re not a whitehat community. We’re not InfoSec students.
We are the ones who break systems, read memory dumps, and turn digital silence into structured chaos.

Who Can Join?
If you understand that a packet is not just traffic — it's a weapon,

If you sleep next to your payloads and dream in terminals,

If you reject borders and laugh at artificial laws,

Then you’re welcome.

We don’t care about your certificates — we care about what’s inside your head, not on your resume.

Simple Rules:
No kids.

No morality police.

No copy-paste script kiddies.

No cooperation with any government entity.

Think You're One of Us?
We don’t beg. We observe.
But if you want to enter through the black gate, here it is:

👉 https://t.me/blackhatmca

⚠️ WARNING:
Once you join, the digital world will never look the same again.
You may enter... but there’s no turning back.

—

✒️ Mr. Monsif – Founder of BlackHat MCA

🚀 Welcome to the MCA Moroccan Cyber Alliance! 🛡️

MONSIF HMOURI — Wed, 05 Feb 2025 20:44:55 +0000

If you are passionate about cybersecurity, ethical hacking, and vulnerability discovery, you are in the right place! MCA Moroccan Cyber Alliance is an elite group of security researchers and ethical hackers working together to enhance cybersecurity and combat cyber attacks.

🔐 Our place is completely protected and cannot be hacked or eavesdropped. We work in a professional manner, discussing the latest technologies, attacks, and protection methods. Only serious people will be accepted and join our private and encrypted group.

📩 To join us, contact us via Telegram, and after verification, you will be directed to our private community:
👉 [https://t.me/monsifhmouri]

💀 MCA Moroccan Cyber Alliance - The Elite of Ethical Hacking! 💀

MCA (Moroccan Cyber Alliance) – Join the Future of Cybersecurity

MONSIF HMOURI — Tue, 04 Feb 2025 06:14:40 +0000

MCA (Moroccan Cyber Alliance) – Join the Future of Cybersecurity
Welcome to MCA – Moroccan Cyber Alliance
In an era of increasing cyber threats, cybersecurity has become the foundation for protecting data and digital infrastructures. MCA (Moroccan Cyber Alliance) is a Moroccan cybersecurity alliance dedicated to building a strong community of experts and enthusiasts committed to safeguarding the digital space from threats and cyber-attacks.

Who Are We?
We are a group of cybersecurity professionals and enthusiasts working to enhance knowledge, share expertise, and develop new skills in the field of cybersecurity. Led by Monsif, MCA aims to be a leading force in protecting companies, individuals, and institutions from digital risks.

Our Objectives:
✅ Raising Cyber Awareness: Educating individuals and businesses about cybersecurity importance.
✅ Vulnerability Analysis & Exploitation: Identifying and addressing security flaws.
✅ Ethical Hacking & Penetration Testing: Simulating attacks to improve security measures.
✅ Building a Strong Community: Connecting professionals and specialists in cybersecurity.
✅ Bug Bounty Participation: Engaging in security research and vulnerability detection.

Why Join Us?
🚀 Learn & Evolve: Develop your cybersecurity skills through hands-on experience and workshops.
🤝 Network with Experts: Connect with a community of researchers and security professionals.
💡 Contribute to Digital Security: Work on real-world projects to secure data and networks.

Join Us Now!
If you are passionate about cybersecurity and want to be part of MCA – Moroccan Cyber Alliance, we welcome you! Whether you're a beginner or an expert, you can participate and benefit from our strong community.

📩 For collaboration or inquiries, contact us via LinkedIn or send us a direct message.

From the Dark Web to Ethical Hacking: The Journey of Monsif Hmouri in Cybersecurity

MONSIF HMOURI — Thu, 30 Jan 2025 03:56:52 +0000

In the depths of the internet, where laws are often absent and illicit activities thrive, Monsif Hmouri embarked on his cybersecurity journey. A young and ambitious individual with an insatiable curiosity, he began his exploration in the dark web, studying and analyzing the techniques used by cybercriminals. However, instead of being drawn into the shadows, he chose a different path—one of ethical hacking, where his skills would be used to protect systems and secure the internet.

The Beginning: Exploring the Unknown
From a young age, Monsif was passionate about technology, spending countless hours analyzing code and understanding how systems functioned. His curiosity led him to explore the dark web, a hidden world where he learned about hacking methodologies and cyber threats. However, he soon realized that there was another, more constructive path he could follow—one that combined his love for technology with ethical principles.

Transitioning to Ethical Hacking
Over time, Monsif recognized the critical role of cybersecurity in protecting users and businesses from cyber threats. He decided to redirect his skills toward legal and ethical hacking, joining Bug Bounty platforms such as Bugcrowd and HackerOne. Through these programs, he started identifying security vulnerabilities and reporting them responsibly, contributing to a safer internet.

Achievements and Contributions
Throughout his career, Monsif has discovered numerous high-risk security vulnerabilities, earning recognition from leading tech companies for his contributions to cybersecurity. He has also become an active member of the ethical hacking community, working alongside other researchers to strengthen global cyber defenses.

Lessons Learned and Future Goals
Monsif Hmouri’s journey from the dark web to ethical hacking proves that knowledge can be directed toward positive and impactful change. The internet is not just a battlefield for hackers; it is also a platform for security experts to protect users and businesses. Today, Monsif continues his work as a cybersecurity researcher, committed to ethical hacking principles and striving to make the digital world safer.

Monsif Hmouri and Moroccan Black Cyber Army Hack Israeli Channel for Palestine

MONSIF HMOURI — Thu, 23 Jan 2025 22:58:04 +0000

In a groundbreaking cyber operation, Moroccan ethical hacker Monsif Hmouri and his team, the Moroccan Black Cyber Army, successfully hacked an Israeli channel as part of an online campaign to support the Palestinian cause. This operation sends a clear message to the digital world, emphasizing the team’s commitment to justice and their use of technology to advocate for human rights.

Speaking about the hack, Monsif Hmouri, a cybersecurity specialist and prominent participant in Bug Bounty programs, stated: "This is not just a cyber attack; it is a means to amplify the voices of Palestinians suffering under occupation. We aim to use our technical skills to stand up for human rights."

The Moroccan Black Cyber Army clarified that the goal of the operation was to highlight human rights violations in Palestine, asserting that their actions are peaceful and designed to raise awareness about the humanitarian crisis faced by Palestinians.

Technical Details
The operation was conducted using advanced penetration testing techniques, ensuring that no permanent damage was caused to the targeted systems. The team breached the system to display solidarity messages for the Palestinian people on the hacked channel, ensuring that user data remained secure and untouched.

Reactions
The operation gained significant attention on social media platforms, with many activists praising Monsif Hmouri and his team for their efforts to support just causes. However, the action also sparked debate, with some questioning the ethics of using cyberattacks to advocate for humanitarian issues.

Monsif Hmouri: A Message for Youth
In his closing statement, Monsif Hmouri said: "I want to send a message to young people that technology can be a powerful tool for positive change when used responsibly. Our goal should always be justice and peace."

Monsif Hmouri: Ethical Hacker and Cybersecurity Expert

MONSIF HMOURI — Thu, 23 Jan 2025 02:21:58 +0000

Full Name: Monsif Hmouri
Date of Birth: null
Place of Birth: null
Profession: Ethical Hacker, Cybersecurity Specialist

Biography

Monsif Hmouri is an expert in the field of cybersecurity, widely recognized for his contributions as an ethical hacker through his participation in international Bug Bounty programs. He helps companies and organizations identify security vulnerabilities in their systems. From the early days of his career in technology, Monsif Hmouri has become one of the prominent figures using technical skills to secure the internet and enhance the safety of digital systems.

Monsif Hmouri is also known for integrating technology with advocacy for humanitarian causes. He is particularly committed to the Palestinian cause and uses his digital platforms to raise awareness about social justice issues.

Professional Journey

Monsif is one of the leading ethical hackers in Morocco and the Arab world. Currently, he works with Bug Bounty programs, uncovering vulnerabilities in systems and networks. He has collaborated with major companies on cybersecurity projects and is well-known for offering consulting services to individuals and organizations to help safeguard their digital information.

His work in Bug Bounty programs reflects his dedication to the principles of ethical hacking, as he strives to protect the internet from malicious attacks and promote best practices in cybersecurity on a global scale.

Social and Professional Activities

Beyond his expertise in cybersecurity, Monsif Hmouri is an active social advocate. He uses his social media platforms to raise awareness about important political and social issues, such as the Palestinian cause. Through his videos and articles, he inspires others to use technology as a tool for social justice.

Monsif continues to enhance his skills and engage with the global community through his digital platforms. He shares knowledge about ethical hacking and cybersecurity while encouraging young people to pursue careers in this field.

Social Media and Online Presence

Through his accounts on platforms like LinkedIn, YouTube, Facebook, and Instagram, Monsif shares diverse content about cybersecurity, ethical hacking, and social issues. He aims to make a positive impact on his audience by educating them on how to protect themselves in the digital world.

LinkedIn: Monsif Hmouri on LinkedIn
YouTube: Monsif Hmouri’s YouTube Channel
Facebook: Monsif Hmouri on Facebook
Instagram: Monsif Hmouri on Instagram
Future Vision

Monsif Hmouri aspires to create a lasting impact in the field of cybersecurity while spreading awareness about significant humanitarian issues. Through his continuous efforts and participation in digital dialogues, he aims to make a difference in how cybersecurity is approached in the digital age.

Monsif Hmouri: The Ethical Hacker Transforming Cybersecurity and Advocating for Justice

MONSIF HMOURI — Wed, 22 Jan 2025 22:15:00 +0000

About Monsif Hmouri

Monsif Hmouri is a distinguished ethical hacker and cybersecurity specialist, celebrated for his remarkable contributions to digital security and social advocacy. Through his expertise in identifying vulnerabilities, Monsif has played a pivotal role in securing digital systems worldwide, participating in prestigious Bug Bounty programs, and collaborating with global organizations to prevent cyber threats.

Beyond the realm of technology, Monsif is a passionate advocate for human rights, particularly focusing on the Palestinian cause. His unique ability to combine technical skills with activism has made him a role model for aspiring ethical hackers and digital change-makers.

A Mission-Driven Professional
Monsif's journey into ethical hacking began with a vision to safeguard the digital space from malicious activities. By leveraging his skills, he aims to protect sensitive information, secure networks, and inspire the next generation of ethical hackers. His work is not limited to cybersecurity; he uses his platform to shed light on critical social issues, emphasizing justice, equality, and the responsible use of technology.

Connect with Monsif Hmouri
To stay updated with Monsif's latest projects and insights, follow him on his social media platforms:

LinkedIn
Instagram
YouTube
Facebook

Conclusion
Monsif Hmouri is more than just a cybersecurity expert; he is a visionary who merges technology and advocacy to create a safer, more equitable world. Whether securing systems or championing human rights, Monsif continues to inspire and lead by example, making a lasting impact on the digital and social landscape.