Who I Am

i’m Sabri Saleh


A hacker with ethics

Hello There!

In 2006, I started to get involved in some traditional PC hacking with zero knowledge about anything but what people in forums explain. Since then I have fallen in love with hacking life and started learning server and web application hacking, but, I felt always something was wrong, it's the absence of 'what, how and why' I was just trying to do what people explain. So, I stopped hacking, started to learn more about operating systems, network and programming. At the time I felt a bit satisfied with the basics that I should know, I got back to know more about information security, hacking and how to think out of the box, how to think evil for a good manner. And yeah, here I'm, a professional information security consultant, practicing every minute learning every second.

My goal at this stage is to lead a team of professional hackers that can be head to head with advanced malicious attacks to protect people from.

Thank you for being here.

Birthdate : 14/05/1985
Skype : kingsabri
Mobile : 56-985-9955
Email : king.sabri
Website : www.SabriSaleh.info
Adresse : Riyadh, KSA.

  • Hacker
  • Security Consultant
  • Coder

Experience & Employment

  • 01
    Sr. Information Security Consultant | Offensive Services Team Lead

    TechArch (2018-Present)

    ● Technical team lead.

    ● Develop and maintain services’ methodology, implementation approach and processes, and deliverable standards.

    ● Responsible about team’s services performance, quality and lead new strategies for improvements.

    ● Ensure the team works & deliver in compliance with defined processes.

    ● Assist in recruitment, performance evaluation, promotion, retention and termination activities.

    ● Identify skill gaps and lead appropriate training to team (soft and technical).

    ● Develop division budgets and operate within them.

    ● Empower team to participate in community services.

    ● Studying Information Security market.

    ● Creating and Enhancing security services quality and efficiency.

    ● Leading and orchestrate technical projects, tasks and processes.

    ● Evaluating and tuning consultants knowledge and skills.

    ● Red teaming and penetration testing.

    ● R & D.

    ● Secure Source code-review.

    ● Architecture and configurations review.

    ● Security training (penetration test, advanced web application attacks, OWASP awareness).

    ● Pre-sales activities.

  • 02
    Sr. Information Security Consultant | Penetration Tester

    TechArch (2014-Present)

    ● Technical team lead.

    ● Network & System penetration testing.

    ● Web application penetration testing.

    ● Architecture & configuration review.

    ● Source code review.

    ● Training: Pentest, Advanced web exploitation, OWASP awareness.

    ● Pre-sales activities.

  • 03
    Sr. Information Security Consultant | Penetration Tester

    Ministry of Higher Education - MOHE (2013-2014)

    ● Network & System penetration testing.

    ● Web application penetration testing.

  • 04

    Advanced Operations Technology - AOT (2010-2013)

    ● Linux Firewall (IPtables) Expert. [Designing, Implementation, Maintenance, Hardening, and Backup].

    ● Plans, develops, and implements information technology security programs, policies, and procedures to protect confidentiality, integrity, and availability of systems, networks, and data.

    ● Administer and maintain end user accounts, permissions, and access rights.

    ● Check server and firewall logs, scrutinizing network traffic, establishing and updating virus scans, and troubleshooting.

    ● Analyze and resolve security breaches and vulnerability issues in a timely and accurate fashion, and conduct user activity audits where required.

    ● Conduct Black/Grey/White Box Penetration Testing.

    ● Keep current with emerging security alerts and issues.

    ● Enforce the ISO-20000 standard controls & Pass Certificate Auditing.

    ● Enforce ISO-27001 security standard controls procedures.

    ● Enforce Tadawul (Saudi Stock Exchange for Trading) Security controls.

    ● Build operation guidelines for different network security devices for day-to-day operations.

    ● Develop and maintain a Business Continuity and Disaster Recovery plan.

    ● Consult administrative and technical staff to determine information needs, data flows, and system definitions.

    ● Assist in testing new network security equipment and systems.

    ● Prepare technical reports on operation of systems.

  • 05
    Linux Administrator

    Innovation Application Co. Ltd (2009-2010)

    ● Implementation, Installation, and Deployment for Linux Servers.

    ● Managing and security web servers.

    ● Automating IT operations.

    ● Integrating Linux with other operations environment.

    ● Linux training.


  • 01

    Offensive Security Certified Expert

    This is a hands-on ethical hacking course designed by and for professional penetration testers.

  • 02

    GIAC Web Application Penetration Tester

    Insure understanding of major web application flaws and their exploitation and, most importantly, learn a field-tested and repeatable process to consistently find these flaws and convey what they have learned to their organizations.

  • 03

    Certified Ethical Hacker

    Is a qualification obtained by assessing the security of computer systems, using penetration testing techniques.

  • 04

    Offensive Security Certified Professional

    Is the companion certification for our Penetration Testing with Kali Linux training course and is the world's first completely hands-on offensive information security certification.

  • 05

    Red Hat Certified Engineering

    The RHCE certification shows that upi have demonstrated the knowledge, skill and ability required of senior system administrator responsible for Red Hat Enterprise Linux systems

  • 06

    Cisco Certified Network Associate

    A foundation in and apprentice knowledge of networking. CCNA certified professionals can install, configure, and operate LAN, WAN, and dial access services for small networks (100 nodes or fewer), including but not limited to use of these protocols: IP, IGRP, Serial, Frame Relay, IP RIP, VLANs, RIP, Ethernet, Access Lists.

  • 07

    Microsoft Certified IT Professional Enterprise Administrator

    As a Microsoft Certified IT Professional (MCITP) your certification proves that you have the comprehensive set of skills to perform a particular IT job role, such as database administrator or enterprise messaging administrator.

  • 08

    Microsoft Certified Systems Administrator

    Is the industry standard for demonstrating competence in managing and troubleshooting network environments based on the Windows Server 2003 operating systems.

  • 08

    Training courses with no certificates

    ● Penetration Testing Professional - eLearnSecurity.

    ● Web Application Penetration Testing - eLearnSecurity.

    ● Web Application Penetration Testing Extreme - eLearnSecurity.

    ● Mobile Application Security and Penetration Testing - eLearnSecurity.

    ● Mobile Application Security and Penetration Testing - eLearnSecurity.

    ● And more...


  • 01
    B.S, Computer Engineering

    6th of October (2002-2007)

    Computer engineering bachelor degree.


  • Penetration testing
  • Ruby
  • Bash
  • Powershell
  • Java
  • .Net
  • Linux
  • Windows
  • Arabic
  • Communication
  • Team player
  • English
  • Leadership
  • Single Player



    Rubyfu book is a great collection of ideas, tricks and skills that could be useful for Hackers. It's a unique extraction reference, summarizes a lot of research and experience in order to achieve your w00t in shortest and smartest way. Rubyfu is where you'll find plug-n-hack code, Rubyfu is a book to use not only to read, it's where ruby goes evil.

    Read More

    It's a repository to import public exploits to be written in Ruby without Metasploit complication.

    Read More
    Ruby Burp Suite Extentions

    BurpSuite Extension Ruby Template to speed up building a Burp Extension using Ruby

    Read More
    Metasploit contribution

    This module attempts to find Wordpress credentials by abusing the XMLRPC APIs. Wordpress versions prior to 4.4.1 are suitable for this type of technique. For newer versions, the script will drop the CHUNKSIZE to 1 automatically.

    Read More

    WebShellConsole is a small interactive console connect simple web shell from command line using GET.

    Read More

    We collect many tools used in buffer overflow development in one place.

    Read More

    Failover and standby Linux machine with (CentOS) distribution. The core of spare firewall is “ninja firewall” application which is manage the whole recovering process once employee run it without no need for anymore interaction from him.

    Read More


Thank you!

It was really such a pleasure to have you visiting my profile. I hope you've got enough information about my profession and my goals. I wish you reached here with a positive impression about me and my career. This website will be up to date as I achieve mention worthy things in my professional live.

Please Use any of available channel to contact me anytime. For phone calls and instant response, the preferred time is between 9:00-am and 11:30 pm (+3 GMT).

Sabri Saleh

Contact Details

Fullname : Sabri Saleh Hassanayah
Birthdate : 14/05/1985
Skype : kingsabri
Twitter : @KINGSABRI
Mobile : 56-985-9955
Email : king.sabri
Website : www.SabriSaleh.info
Adresse : Riyadh, KSA.