______ ___ ___ _______ ___________ _ __ | ___ \/ _ \ | \/ |___ / ___| ___ \ | / / | |_/ / /_\ \| . . | / /| |__ | |_/ / |/ / | /| _ || |\/| | / / | __|| /| \ | |\ \| | | || | | |/ /__| |___| |\ \| |\ \ \_| \_\_| |_/\_| |_/_____|____/\_| \_\_| \_/
Welcome to my portfolio. _
I'm a Pentester and Dev crafting tools to protect people from the evil.
[01] WHOAMI – Who is behind the keyboard
[02] TIMELINE – Experience & events log
[03] PROJECTS – Tools & builds
[04] WRITE-UPS – CTF solutions & techniques
[05] WHAT-I-UNDERSTOOD – Notes & reflections
[06] SKILLS – Proficiency heatmap
[07] NOW – What I'm working on
[08] CONTACT – Reach out
ROOT-ME 2170 pts TOP 1% CTF EVENTS 5 events HACKATHONS 4 events PROJECTS 13 repos WRITE-UPS building...
TARGET | RANK / SCORE | STATUS ---------------|-------------------------|----------------------- Root-Me.org | 2170 pts (TOP 1%) | [PRIVILEGED_ACCESS] TryHackMe | [0x7] ADEPT | [ESTABLISHED] HackTheBox | Script Kiddie | [RECON_PHASE]
CTF Events: PicoCTF 2024, 404CTF 2025, Holmes CTF 2025, TRACS 2025, Root-Me Xmas 2025
Hackathons: Doctolib, Paris Blockchain Week, Chiliz Paris, Solana Cypherfunk
NAME | STACK | STATUS ----------------------|--------------------------------|------------------- sinker | Rust, ESP32 | [IN PROGRESS] ds4 | Rust, HID, Driver Dev | [IN PROGRESS] moistping | Rust, ESP32, Telegram | [IN PROGRESS] CVE-2024-46987 | Rust, PoC, Exploit Dev | [COMPLETED]
WHOAMI
I'm a developer and pentester driven by curiosity and precision. I build tools that reveal, protect, and challenge the boundaries of technology — from web and systems programming to embedded security.
Always learning, always experimenting, always seeking what lies beneath the surface.
My favorite quote: "Work hard, and wait for the result"
[+] Offensive Security
Burp Suite, Nmap, Metasploit, Rust, Python
[+] Security Tool Dev
Rust, C, Python, Shell, Linux
[+] Embedded & Low-Level
C, Rust, ESP32, Microcontrollers, Embedded Linux
[+] Smart Contract Auditing
Solidity, Hardhat, Solana, Ethereum
[+] Infrastructure & Ops
Docker, Kubernetes, Vagrant, Linux, CI/CD
[+] Reverse Engineering
Ghidra, IDA, GDB, Assembly, ELF/PE
YEAR | PROVIDER | CERTIFICATION | STATUS -----|--------------|--------------------------------|--------- 2024 | Google | Security Certification | DONE 2025 | PortSwigger | Burp Suite Certified | PENDING 2026 | HackTheBox | CPTS | TODO
FRENCH : Native
ENGLISH: Fluent
ARABIC : Native
- EMAIL: 0xmaskass@gmail.com
- LOCATION: Paris, Lausanne, Dubai
- GITHUB: github.com/rabouzia
TIMELINE
● Mar 2026 Portfolio v2 — terminal rewrite, all pages live │ ● Feb 2026 CVE-2024-46987 PoC published (Path Traversal, Camaleon CMS) │ ● Jan 2026 Root-Me Xmas CTF 2025 — TOP 1% milestone hit (2000 pts)
● Nov 2025 TRACS 2025 CTF │ ● Oct 2025 Holmes CTF 2025 │ ● Sep 2025 heapforge — custom malloc/free for STM32 shipped │ ● Jun 2025 404CTF 2025 — web & crypto challenges │ ● May 2025 Solana Cypherfunk hackathon — Solana / Rust track │ ● Apr 2025 Chiliz Paris hackathon — smart contract track │ ● Mar 2025 Paris Blockchain Week hackathon │ ● Feb 2025 TryHackMe — ADEPT rank [0x7] reached │ ● Jan 2025 PortSwigger Web Security cert — in progress
● Dec 2024 Binary Packer — ELF/Mach-O x86_64 + ARM64 shipped │ ● Oct 2024 Doctolib hackathon │ ● Sep 2024 Google Security Certification — COMPLETED │ ● Mar 2024 PicoCTF 2024 — first serious CTF run, binary exploitation │ ● Jan 2024 42 School — started systems & security curriculum
● Web dev fundamentals, first CTF attempts, Python scripting │ Rabbit holes: assembly, networking, cryptography basics ● Origin story: curiosity about how things break
PROJECTS
total 13 [7 in-progress] [5 completed] [1 not-started]
STATUS : [IN PROGRESS] STACK : Rust, ESP32, Networking, Embedded REPO : github.com/rabouzia/sinker
ESP32 DNS sinker. Intercepts and sinks DNS queries at the embedded level — useful for network monitoring, captive portal setups, and wireless security research.
STATUS : [IN PROGRESS] STACK : Rust, HID, USB, Driver Dev REPO : github.com/rabouzia/ds4
DUALSHOCK 4 driver written in Rust. Interfaces directly with the PS4 controller over USB/BT HID, exposing inputs programmatically without relying on OS-level drivers.
STATUS : [IN PROGRESS]
STACK : Java, Burp Suite Extension API
A Burp Suite extension designed to assist beginners in web pentesting. Automates common payload injection workflows and provides guided hints during active scans.
STATUS : [IN PROGRESS] STACK : Rust, Linux, systemctl, Daemon REPO : github.com/rabouzia/taskmaster [private]
A job control daemon in Rust. Continuous foreground service for fine-grained process scheduling on Linux — lightweight alternative to cron with better supervision and systemctl integration.
STATUS : [IN PROGRESS] STACK : TypeScript, Rust, Axum REPO : [private]
Torrent streaming platform. Rust backend with Axum, OAuth, RESTful API. Security-first development: code audit and web pentest integrated throughout the build.
STATUS : [IN PROGRESS] STACK : Rust, ESP32, Embedded, Telegram API REPO : [private]
🦀 Built with Rust on ESP32 — never forget to water your plants 🌱 again. Reads soil moisture sensor data and sends a Telegram ping when the soil gets dry.
STATUS : [IN PROGRESS] STACK : Rust, CLI, Cryptography REPO : [private]
Command-line tool for encoding and decoding JWTs anonymously. Portable and dependency-light — designed as a quick utility for pentesters in the field.
STATUS : [COMPLETED] STACK : Rust, PoC, CVE REPO : github.com/rabouzia/CVE-2024-46987
Rust PoC exploiting CVE-2024-46987, a Path Traversal vulnerability in Camaleon CMS versions 2.8.0–2.8.2 (also works on 2.9.0). Demonstrates arbitrary file read via unsanitized path parameters.
STATUS : [COMPLETED] STACK : C, STM32, Embedded, Memory Management REPO : github.com/rabouzia/heapforge
Custom embedded memory allocator (malloc/free) for STM32 in C. Minimalist heap manager tailored for memory-constrained microcontrollers where stdlib allocators are too heavy.
STATUS : [COMPLETED] STACK : Rust, Solana RPC REPO : github.com/rabouzia/soltx-decode
Minimal Rust CLI to decode and print Solana transaction metadata. Parses raw transaction data, extracts accounts, instructions and program IDs. Useful for on-chain debugging and audit tooling.
STATUS : [COMPLETED] STACK : Rust, Solana, TUI REPO : github.com/rabouzia/solterm
Terminal-style Solana wallet interface for devnet. Manages keypairs, queries balances, sends transactions and inspects on-chain data from a keyboard-driven TUI.
STATUS : [COMPLETED] STACK : Solidity, Ethereum, Smart Contracts REPO : github.com/rabouzia/token
Simple Solidity ERC-20 compatible token. Covers deployment, minting, and transfer logic on Ethereum. A foundation for exploring smart contract auditing and DeFi primitives.
STATUS : [COMPLETED] STACK : C, Assembly, ARM, x86_64, ELF, Mach-O REPO : github.com/rabouzia/woody-woodpacker
Lightweight executable packer encrypting binaries at rest. Supports ELF and Mach-O formats across ARM and x86_64. Stub loader decrypts and maps segments into memory at runtime.
STATUS : [COMPLETED — archive] STACK : C, ELF REPO : github.com/rabouzia/ft_nm
Reimplementation of the Unix nm utility in C. Parses ELF symbol tables directly to understand binary structure at the byte level. A deliberate exercise in ELF internals.
STATUS : [COMPLETED — archive] STACK : C, Rust, NASM REPO : github.com/rabouzia/dr-quine
Self-replicating programs (quines) in C, Rust and NASM. Explores code that outputs its own source, touching on compiler internals, string escaping and assembly self-reference.
STATUS : [COMPLETED] STACK : Rust, Discord API, Telegram API REPO : github.com/rabouzia/bot
Anti-doomscrolling bot for Telegram and Discord. Fetches videos from Instagram, Twitter and TikTok via a link without requiring accounts. Async Rust with external API integration.
STATUS : [NOT STARTED]
STACK : Rust, ESP32, Networking, Embedded
Wi-Fi deauthentication tool on ESP32, written in Rust using esp-rs. Will target 802.11 management frames for authorized testing of wireless network resilience.
WRITE-UPS
CATEGORY | DIFFICULTY | EVENT | TITLE | DATE ----------|------------|-----------------|------------------------------|---------- Web | Easy | Root-Me | Example Challenge Name | 2026-03-01
$ HOW TO ADD: 1) copy a line above, update id 2) copy the entry block below, same id 3) done.
404CTF_2025 | [ENCRYPTED]
RootMe_Web | [ENCRYPTED]
PicoCTF_Binary | [ENCRYPTED]
HackTheBox_Sherlocks | [ENCRYPTED]
[INFO] write-ups published after CTF embargo lifts — decrypt_archive.sh
PLATFORM : root-me.org/ramzerk SCORE : 2170 pts — TOP 1% SOLVED : Web, App-Script, Réseau, Forensic, Crypto, Stéganographie...
[!] WRITE-UPS NON PUBLIABLES La charte Root-Me interdit explicitement la publication de solutions aux challenges de la plateforme sous peine de bannissement du compte. Les write-ups existent, ils restent privés. Pour en discuter : 0xmaskass@gmail.com
CHALLENGE : Example Challenge Name
EVENT : Root-Me
CATEGORY : Web
DIFFICULTY: Easy
DATE : 2026-03-01
POINTS : 20
FLAG : RM{your_flag_here}
One or two sentences describing what the challenge was about and what the core trick was.
Describe initial observations. What did you see when you first looked at the challenge?
$ step one command here
$ step two command here
[output or observation]
$ next command
[result]
What was the "aha" moment? What did you understand that unlocked the solution?
# paste your final payload / exploit code here
payload = ""
What did you learn? What would you do differently? Any useful tool or technique to remember.
WHAT-I-UNDERSTOOD
A personal log of concepts, techniques, and mindset shifts that clicked. Not tutorials — raw understanding.
DATE | TOPIC | TITLE -----------|--------------------|----------------------------------------- 2026-03-17 | Rev / Binary | Mach-O file format & ELF comparison
$ HOW TO ADD: 1) copy a line above, set id 2) copy the entry block below, same id 3) done.
TITLE : Mach-O file format & ELF comparison
TOPIC : Reverse Engineering / Binary Analysis / Apple Platforms
DATE : 2026-03-17
SOURCE : Binary Packer project + objdump analysis of Hello World binaries
While building the Binary Packer, I had to understand how executables are structured at the byte level — both on Linux (ELF) and macOS (Mach-O). I compiled a simple Hello World in C and disassembled it on both architectures to see what actually differs.
A Mach-O file is structured like a sandwich: a Header (identity card), Load Commands (the roadmap for dyld), and a Data area (the actual bytes). The magic number tells you everything upfront — 0xFEEDFACE = 32-bit, 0xFEEDFACF = 64-bit, 0xCAFEBABE = Fat Binary.
ELF and Mach-O solve the same problem differently. ELF uses Program Headers + Section Headers. Mach-O uses Load Commands that tell dyld exactly how to map each segment.
BEFORE: I thought macOS just "ran" binaries like Linux does, same idea.
AFTER : The loader (dyld vs ld-linux.so) and the format are deeply different.
Mach-O's LC_MAIN, LC_LOAD_DYLIB are richer and more explicit than
ELF's e_entry + PT_INTERP equivalents. Code signing is baked in (LC_CODE_SIGNATURE).
┌─────────────────────────────────────┬─────────────────────────────────────┐
│ MACH-O (macOS) │ ELF (Linux) │
├─────────────────────────────────────┼─────────────────────────────────────┤
│ Magic: 0xFEEDFACF (64-bit) │ Magic: \x7fELF │
│ LC_SEGMENT_64 __TEXT → r-x │ PT_LOAD (text) → r-x │
│ LC_SEGMENT_64 __DATA → rw- │ PT_LOAD (data) → rw- │
│ LC_MAIN → entry point │ e_entry → entry point │
│ LC_LOAD_DYLIB → libSystem.dylib │ PT_INTERP → ld-linux.so │
│ Dynamic linker: dyld │ Dynamic linker: ld-linux.so │
└─────────────────────────────────────┴─────────────────────────────────────┘
ARM64 call to printf (Mach-O):
adrp x0, 0x100000000 ; load string page
add x0, x0, #0x48c ; add offset → "Hello World"
bl 0x100000480 ; branch to printf stub
- man dyld / man ld
- otool -l <binary> # dump load commands on macOS
- objdump -D <binary> # full disassembly
- readelf -a <binary> # ELF equivalent
- https://github.com/aidansteele/osx-abi-macho-file-format-reference
TITLE : Example Entry Title
TOPIC : Topic (e.g. Reverse Engineering, Web, Crypto, Mindset...)
DATE : YYYY-MM-DD
SOURCE : Where did you encounter this? (CTF, book, lab, random rabbit hole)
Where were you, what were you doing when this clicked?
Explain the concept in your own words.
BEFORE: What did you think / assume before?
AFTER : What do you now understand that you didn't?
# code snippet, command, payload, diagram, or analogy that made it real
- https://...
SKILLS
[NOTE] self-assessed — last calibrated 2026-03-17. honesty > inflation.
NOW
▶ sinker — ESP32 DNS sinker, Rust. Getting the stub resolution right. ▶ ds4 — DualShock4 HID driver, fighting USB descriptor parsing. ▶ Payloads4Burp — Burp extension. Polishing the payload injection UI.
→ PortSwigger Web Security labs — working through advanced SQLi + SSRF → Heap exploitation fundamentals (ptmalloc internals) → Rust async / embassy framework for embedded
⚑ Watching: 404CTF 2026, FCSC 2026, DGHACK 2026 ⚑ Goal: get first blood on a web challenge, publish write-up same day
▣ The Art of Exploitation — Jon Erickson (re-reading the heap chapter) ▣ Various RustSec advisories — reading CVE diffs as training
✗ Not looking for a job right now — heads-down building mode
✗ Not taking on freelance — focus on 42 + personal projects
CONTACT
EMAIL : 0xmaskass@gmail.com GITHUB : github.com/rabouzia LOCATION: Paris · Lausanne · Dubai
avg latency : 24–48h
preferred lang: French, English, Arabic
open to : collab, security research, internship inquiries
not open to : spam, crypto scams, "quick question" with no context