Hamed Kohi
Biography
My name is Hamed Kohi, an Afghan-Canadian cybersecurity professional specializing in vulnerability research, programming and penetration testing.
I’m driven by a passion for uncovering and responsibly disclosing vulnerabilities in open-source systems,
bolstering global cybersecurity efforts.
Since starting my journey in Kabul, Afghanistan in 2020, I’ve honed my skills after moving to Canada in 2022.
Here, I’ve dived deep into vulnerability analysis, exploit development, and red team operations,
mentoring aspiring researchers and delivering innovative security solutions.
My work reflects a commitment to collaboration, continuous learning, and pushing the boundaries of cybersecurity excellence.
Certifications
- Certified Penetration Testing Specialist (CPTS, pending)
- Certified Red Team Operator (CRTO, pending)
- Virtual Hacking Labs Certified (VHL+)
- Virtual Hacking Labs Advanced+ Certified
Common Vulnerabilities & Exposures (CVEs)
- CVE-2024-57601 (Stored XSS & PE, EasyAppointments)
- CVE-2024-57602 (CWE-307, EasyAppointments)
- CVE-2024-57603 (Login Bruteforce, ezBookkeeping)
- CVE-2024-57604 (OTP Bruteforce, ezBookkeeping)
- CVE-2024-57605 (Stored XSS, FuelCMS)
- CVE-2025-24854 (Stored XSS, Apache JSPWiki)
- CVE-2025-29868 (Privacy Leak, Apache Answer)
Cyber Missions
-
Mission Cyber Sentinel (ongoing)
A joint global mission dedicated to securing 250K sites by identifying vulnerability in widely used open-source software. -
Cyber Mounties Canada (ongoing)
A mission to build Canada's industry approved e-learning platform with a focus on practical & hands on cybersecurity training.
Open-Source Projects
- Zerodayf (Zeroday Factory)
Core Skills
- Vulnerability Research & Development
- Desktop Application Development
- Full-Stack Web Development
- Malware Development
- Penetration Testing
Programming Languages
- C 11
- C# 10.0 and 7.3
- PowerShell
- Python 3
- JavaScript