I'm Aziz, a penetration tester and vulnerability researcher from Harmah, now based in Riyadh, and the founder of Catchify. I find the flaws others miss. My work covers web, API, mobile, and network penetration testing, full red-team engagements, and original research that has produced ten NVD-published CVEs.
Six of the ten are rated critical, including two maximum-severity CVSS 10.0 findings in Ubiquiti's UniFi platform. Six more UniFi CVEs across Access, Protect, and Talk landed in Ubiquiti's July 2026 advisory. One UniFi Access disclosure earned a $25,000 maximum Ubiquiti bounty via HackerOne; a UniFi OS path traversal earned a $30,500 bounty, my highest so far. All of them are published, patched, and credited by the vendor.
I founded Catchify to bring focused, Saudi-led offensive security to organizations across the Kingdom. On a bounty, an engagement, or a report, I aim for one thing: a clear, prioritized path to closing the gaps that matter.
IdentityAbdulaziz Naif Almadhi
RoleFounder & CEO of Catchify
Research10× CVE · Ubiquiti, Ellucian
StationRiyadh, SA · Harmah حرمة
Record10 CVEs · 11 certifications