Aimen

I like taking tech stuff apart to understand it. Only then does it truly make sense together. Teaching it makes it stick.

View projects Contact

About

Computers are how I think. Security is where that thinking gets tested.

I break things to understand how they work. Then I build something with that knowledge. Then I explain it until I'm sure I actually got it.

That loop is what keeps me going.

Languages
C C++ Python Bash TypeScript x86-64 ASM SQL
Security
Binary exploitation Detection engineering SIGMA rules SIEM Reverse engineering Pentest
Infra & Tools
Docker NGINX Datadog Okta Kandji Jamf Cloudflare Git

Experience

IT & Security Apprentice

Welcome to the Jungle
2025 — present
  • Datadog SIEM — 50+ detection rules across Okta, Google Workspace, 1Password, Notion. Investigation time: 2-4h to under 10 min (-95%)
  • SaaS security audits: Okta, Google Workspace, Notion, Slack — misconfigs, findings, remediations
  • ITSM migration Jira to Siit: full Python automation, zero manual transfer
  • Kandji + Jamf MDM: macOS fleet, resolved Passport Sync conflict, deployed custom config profiles
  • Cloudflare: DNS proxy setup
  • SOC 2 compliance: GRC framework contribution, evidence collection automation
  • Incident response: false positive tuning (-75%), investigation runbook, post-mortems

Programming Teacher

MagicMakers
2023
  • Taught Python, Flask, MongoDB, HTML/CSS to kids and teenagers
  • Created workshop curricula from scratch: database, dynamic pages, auth, debug

Projects

C++98 Networking Systems
Non-blocking I/O epoll Socket programming HTTP/1.1 CGI Virtual hosts

Webserv

HTTP/1.1 server built from scratch in C++98. Non-blocking I/O via epoll, single process, no threads. Behavior validated against NGINX.

  • GET, POST, DELETE with accurate HTTP status codes
  • Config file: virtual hosts, custom routes, error pages, redirects, body size limits
  • CGI integration: PHP and Python interpreters
  • File upload, cookie & session management
  • CI pipeline via GitHub Actions
View on GitHub
C x86-64 ASM GDB
Format strings %N$lx technique x86-64 SysV ABI RSP manipulation Control flow hijacking

Override

Advanced binary exploitation. Format string attacks with %N$lx technique, x86-64 System V ABI calling convention, RSP register manipulation for control flow hijacking.

Docker Infra
Container isolation TLS 1.2 Reverse proxy php-fpm MariaDB

Inception

Multi-service Docker infrastructure in a VM. NGINX (TLS 1.2) as sole entry point, routing to WordPress (php-fpm) backed by MariaDB. Each service in its own container, no pre-built images.

Bonus: Redis cache, FTP server, Adminer, cAdvisor monitoring.

GitHub
TypeScript NestJS React PostgreSQL
OAuth2 2FA / TOTP WebSocket Real-time SQL injection protection

ft_transcendence

Full-stack real-time Pong platform. NestJS backend, React/TS frontend, PostgreSQL, Docker Compose. OAuth2 via 42 intranet, 2FA (email/TOTP), WebSocket gameplay, chat with channel moderation.

SQL injection protection, input validation, password hashing.

GitHub
C Systems
Lexer / Parser Pipes File descriptors Signal handling Process management

Minishell

Bash-like shell in C. Custom lexer and parser from scratch. Pipes, I/O redirections, heredoc, environment variable expansion, signal handling (Ctrl+C, Ctrl+D, Ctrl+\).

Built-ins: cd, echo, export, unset, env, exit.

GitHub
Next.js 15 TypeScript Supabase Mapbox
Geolocation REST API Cron jobs PostgreSQL Interactive map

EssenceMoinsCher.fr

Fuel price comparator using official French government data. Geolocation, interactive map, search and filtering across 9,934 stations and 33,994 prices updated daily via Vercel cron.

Stack: Next.js 15, Tailwind, shadcn/ui, Supabase (PostgreSQL), Mapbox GL.

Live demo
Python Bash C
Port scanning Banner grabbing CIDR DNS resolution IDOR detection

Security Toolkit

Custom offensive tools for OSCP prep and bug bounty. Port scanner: TCP/UDP, CIDR support, banner grabbing, DNS resolution, JSON output. More tools in progress: format string helper, IDOR checker, header auditor.

in progress
C Security CTF
Privilege escalation Reverse engineering SUID binaries Weak crypto Script injection

Snow Crash

CTF-format security challenges. Privilege escalation, reverse engineering, exploiting weak file permissions, SUID binaries, Lua and Python injection, weak crypto.

C x86-64 GDB
Buffer overflow Format strings ret2libc Shellcode Heap exploitation

Rainfall

Binary exploitation chain. Stack buffer overflows, format string attacks (%n write), heap exploitation, ret2libc, shellcode injection. GDB debugging, payload crafting level by level.

Pentest Linux
Recon Enumeration Exploitation Privilege escalation Post-exploitation

Boot2Root

Full penetration test on a target machine. Recon, enumeration, exploitation, privilege escalation, post-exploitation. Complete attack chain documented from zero access to root.

Cub3d gameplay
C Graphics miniLibX
Raycasting DDA algorithm Trigonometry Texture mapping Collision detection

Cub3d

3D raycasting engine in C inspired by Wolfenstein 1992. Real-time first-person rendering, textured walls, configurable maps via .cub files.

Bonus: collision detection, weapon mechanics with recoil, audio, floor/ceiling textures.

GitHub
C Threads Concurrency
Mutex Semaphore Deadlock prevention Race conditions Shared memory

Philosophers

Dining philosophers problem in C. Thread creation, mutex locks, semaphores, shared memory, process forking. Deadlock prevention without data races.

GitHub
Fract-ol fractal renderer
C Graphics miniLibX
Complex numbers Mandelbrot set Julia set Pixel rendering Zoom precision

Fract-ol

Interactive fractal renderer in C. Mandelbrot, Julia, Burning Ship, Burning Bird. Complex number math, pixel-level rendering, graphics optimization with miniLibX.

GitHub

Contact

Open to Security Engineer roles focused on detection, automation, and offensive security.

work@aimen.be GitHub