// hello, world!

I'm Mohammad Askar (Askar)

I'm an offensive security engineer, and I spend my time breaking things or learning how to break things. Over the years, I've discovered and responsibly disclosed multiple vulnerabilities in products and released the full exploit code for each one. I've also operated and led red team engagements across multiple industries, simulating real-world adversaries to help organizations understand and improve their security posture.

I built open-source offensive tools used by pentesters and red teamers across the cybersecurity community, such as Octopus C2, DNSStager and more. I've published 20+ technical blog posts focused on offensive security, contributed to the security community across the MENA region through educational projects, and I'm currently deep into cloud security, Windows internals research, and AI-assisted vulnerability hunting. This is where I write about what I find, share walkthroughs, and document the things that keep me curious.

For training requests, consulting inquiries, or just to say hello — reach out at contact@askar.so or book a session directly.

# latest posts

Chaining ISC DHCP Server Features for Unauthenticated Root Remote Code Execution
Watch Your AI! Using Replit AI to Mask Your C2 Traffic
PandoraFMS v7.0NG.777.3 Remote Command Execution (CVE-2024-11320)
Froxlor v2.0.6 Remote Command Execution (CVE-2023-0315)
Oh my API, abusing TYK cloud API management to hide your malicious C2 traffic