$ WHOAMI
I am a freshly graduated Cybersecurity Engineer with a strong passion for offensive security. Currently, I am an Offensive Security Intern, where my mission involves Web Application penetration testing, external & internal penetration testing, and configuration audits.
"Embrace the nerves while enjoying the process."
Certifications
- Practical API Hacking
- Practical Ethical Hacking
- Windows Privilege Escalation
- Linux Privilege Escalation
- Practical Web Application Security and Testing
- Jr Penetration Tester
- CompTIA PenTest+
Projects
1. AuditHound
- Developing a security tool based on BloodHound’s results during AD security audits.
- This tool automates the security audit task for Active Directory environments by leveraging the results of BloodHound.
- It generates detailed reports, typically in Excel format, that summarize identified security misconfigurations. These reports also include actionable recommendations for resolving the identified AD security issues.
2. Android Static and Dynamic Analysis of password managers
- The idea of this project is to decompile and analyze a set of eight popular password managers on Android to check if they correctly handle the master password.
- Tools used: Genymotion, JADX, Ghidra, Apktool, ADB, BurpSuite, Frida, Objection.
- Software analyzed: 1Password, LastPass, Keeper, Sticky Password, Password Depot, NordPass, Bitwarden, mSecure.
Notible CTF Accomplishments
- 2023 - 2nd Team in National CTF ENSIAS MCSC V10.0.
- 2022 - 1st Place in Local CTF ENSAO.
- 2022 - Among Top 10 students in CyberTalents's Bootcamp.
- 2022 - 2nd Team in Morocco CTFtime.