Intrusion Detection System with ELK & Suricata
Built a lab-based IDS on CentOS with Suricata and ELK Stack to monitor traffic, automate log analysis, and demonstrate faster detection of network threats.
•
1 min read
Professional Summary
Curious and methodical Penetration Tester, I turn x86 machine code into working exploits before the coffee gets cold (and trust me, I drink it fast). I spot weaknesses others miss by blending source review with low-level debugging, then prove impact with clean, custom PoCs.
My toolkit includes IDA Pro, Ghidra, x64dbg, Radare2, plus Pwntools wrapped in Python/C same tools the black-hats love, except I use them to ruin their day before breakfast.
Off-clock, I’m deep in CTF challenges, hunting new vulnerability classes, or writing up findings with obsessive details. Integrity isn’t a checkbox for me. it’s why I only break things I’m invited to, and always leave them stronger. I work best with remote-first, globally distributed teams. I never forget that real security starts with trusting people behind the systems.
Ready to protect yours.
Education
Master's Level Engineering Degree in Computer Science, Networks and Multimedia
Private International Polytechnic School of Tunis
Professional Master's Degree in Operational Cybersecurity
Tunis Higher School of Communications
Professional Master's Degree in Open Source Software Engineering
Higher Institute of Computer Science
Interests
Low-Level exploitation & x86 reverse engineering
Exploit development
vulnerability research
hardening techniques
Ethical hacking
Secure software design
CTF Challenges
Experience
SOC Analyst Intern
El-Khawarizmi Computing Center (CCK)- Built real-time Power BI dashboards to monitor Fortigate and IDS/IPS logs, improving detection and incident triage times.
- Correlated Splunk and ELK alerts with threat intelligence to validate indicators and evidence for investigations.
- Tuned detection rules and enriched logs to reduce noise and focus on attacker-aligned behaviors to support red team validation and post-exploitation analysis.
Penetration Tester Intern
El-Khawarizmi Computing Center (CCK)- Conducted black-box and authenticated application tests using Burp Suite (manual + scanner), WPScan and Nessus to find injection, authentication, and session flaws.
- Performed host and network discovery (Nmap), vulnerability validation, and produced remediation-focused reports with reproduction steps and risk ratings.
- Automated repetitive checks with Python scripts to reliably reproduce findings and reduce manual verification time.
Web3 Systems Engineer Intern
Smart Tunisian Technopark (S2T)- Engineered blockchain-based applications using Solidity and JavaScript, implementing secure coding with OpenZeppelin to address OWASP Top 10 vulnerabilities in decentralized systems.
- Integrated authentication protocols like SAML equivalents in Web3, conducting vulnerability assessments with Remix IDE to ensure robust remediation and auditability.
Software Engineer Intern
El-Khawarizmi Computing Center (CCK)- Implemented secure web application features and hardened server configurations; participated in code reviews to spot injection and auth issues.
Identity Systems Engineer Intern
El-Khawarizmi Computing Center (CCK)- Designed federation and identity flows (SAML, LDAP) and hardened authentication paths—experience relevant to Active Directory and identity-focused red team tests.
Network Security Intern
Tunisian Civil Aviation and Airports Authority (OACA)- Applied secure access controls via Active Directory and monitored traffic with Wireshark to troubleshoot and harden systems.
Network Security Intern
Tunisian Civil Aviation and Airports Authority (OACA)- Secured network devices and implemented basic network hardening practices that later informed internal/external network pentests.
Projects
Ethical Keylogger Demonstration Tool
Developed a proof-of-concept keylogger in a controlled lab with pynput and smtplib, highlighting exfiltration risks and strengthening understanding of attacker techniques.
•
1 min read
Windows 7 Forensics Analysis with Autopsy
Recovered deleted files and artifacts from a compromised VM using Autopsy and SIFT Workstation, reinforcing skills in digital forensics and incident response.
•
1 min read
Recent News
Trending
🎓 Professional Milestone: Turning Vulnerabilities into Fortified Systems
Celebrating my graduation in Operational Cybersecurity and the hands-on journey through low-level exploitation, reverse engineering, and exploit development.
