Securinets Friendly 2025 - Pwn Writeups
This post contains quick writeups for all the binary exploitation (pwn) challenges from the Securinets Friendly 2025 CTF competition. The challenges a...
View Post →About Me
Currently diving deep into exploit development, reverse engineering, and breaking code (whether it's yours, mine, or ours).
Used to do game (and game-engine) dev, and low-level graphics. Admired the creative side, so I still sneak shaders where they have no business being.
Big fan of animals and trees; ducks are the absolute pinnacle of perfection.
My cat helps me debug, paws down, the best co-pilot.
Recent Achievements
Co-founded REvenant
- Co-founded and led development of an AI-assisted exploit research platform using autonomous agents to orchestrate analysis tools, patchers, and debuggers — cutting malware deobfuscation time by 35%, manual research effort by 20%, and significantly speeding up CTF challenge solves.
CTF Achievements
- Qualified for ASCW finals 2025.
- Qualified for Cyber Tech Olympics 2025.
- Qualified for blackhat MEA finals 2025.
- Qualified for CSAW 2025.
- Ranked top 3 in CSAW 2025 finals.
- Qualified for ASCW 2025.
- Ranked top 4 in BrunnerCTF (1,158 teams)
RegNet Web Server
- Developed a lightweight, high-performance static web server from scratch in x86-64 assembly (NASM), with fully manual memory management, lock-free data structures, fast HTTP/1.1 parsing, and non-blocking concurrent connection handling via modern Linux kernel interfaces.
Latest Posts
Pwn Beginner Tips & Tricks
Short, focused tips for absolute beginners: connect with netcat, automate with pwntools, abuse format strings, understand basic calling conventions (x...
View Post →cJSON Array Index Parsing Vulnerability
A critical vulnerability exists in the cJSON library (`cJSON_Utils.c`, function `decode_array_index_from_pointer`) that allows attackers to bypass arr...
View Post →Experience Timeline
Technical Instructor • Securinets
August 2025 - Present
- Authored original Pwn and Reverse Engineering CTF challenges, engaging 400+ participants per event
- Presented hands-on workshops on binary exploitation, training students from 10+ universities
- Designed containerized challenge infrastructure with 100% uptime during competitions
CTF Player • FL1TZ & 0xFun
August 2024 - Present
- Competed with FL1TZ locally and 0xFun internationally, securing regular top rankings in competitive CTFs
- Qualified for prestigious competitions including Arab Security Cyber Wargames, Blackhat, Cybersecurity Tech Olymics & CSAW
- Specialized in Pwn and Reverse Engineering categories across multiple CTF formats
Co-Founder & Developer • REvenant
July 2025 - Present
- Developed AI-assisted exploit platform, cutting deobfuscation and reverse engineering time by ~35%
- Automated binary analysis, reducing manual research time by 20%
- Increased vulnerability detection rate in CTF-style Pwn challenges by 30%
ICT Engineering Student • INSAT
2023 - May 2027
- Pursuing National Engineering Diploma in Computer Networks and Telecommunications
- Specialized coursework in Operating Systems & Virtualization, Embedded & Real-Time Systems
- Focus on High-Speed Networks & Mobile Protocols & Cybersecurity
Lead Game Developer • Phantom Penguin
November 2020 - 2022
- Led a team of six developers to successfully deliver 5+ desktop and mobile game titles
- Facilitated team collaboration through task delegation and code reviews, improving efficiency by 40%
- Maintained 95% bug-free release standards with 100% on-schedule project completion
Low-Level Graphics & Systems Developer • Open Source
2020 - Present
- Enhanced grid and gizmo systems in the Stride game engine using C#, improving usability and precision
- Contributed to large-scale simulation tools including physics engines and wildfire simulators
- Implemented low-level optimizations using profiling tools to identify bottlenecks