AUTHOR
WRITEUP
> Securinets Friendly 2025 - Pwn Writeups_
Complete writeups for all binary exploitation challenges from the Securinets Friendly 2025 CTF competition.
Sep 21, 202526 min…
Welcome Player!
Portfolio System Ready...
Salah Chafai
Security Researcher & Developer
Exploit Development & Security Research
Co‑founder of AI-assisted exploit platform, CTF player at FL1TZ, and ICT Engineering student. Focused on vulnerability research, binary exploitation, reverse engineering and efficient low‑level systems.
Recent Achievements & Projects
REvenant
Co-founded and developed AI-assisted exploit platform, achieving 35% reduction in deobfuscation time and 20% faster manual research.
AI/MLAutomationCo-founder
CTF Achievements
4th place in Brunner CTF 2025 (1,158 teams), qualified for CSAW 2025 finals (top 4 MENA region), ASCW CTF finalist (Top 10), authored 20+ challenges for 400+ participants.
QualificationsChallenge Author
RegNet Web Server
High-performance x86-64 web server built entirely in assembly with optimized memory management and concurrent connection handling.
AssemblyPerformancex86-64
Latest Research & Writeups
Deep dives into vulnerability research, CTF writeups, and security analysis.
AUTHOR
> Pwn Beginner Tips & Tricks_
Quick practical primer: netcat essentials, pwntools workflow, format string primitives, calling conventions, and integer overflows.
Sep 8, 202511 min…
SECURITY RESEARCH
CVE-2025-57052
> cJSON Array Index Parsing Vulnerability_
Discovery and analysis of a critical vulnerability in cJSON that allows attackers to bypass array bounds checking and access restricted data through malformed JSON pointer exploitation.
Jul 23, 20253 min…
Professional Journey & Experience
Co-Founder & Developer @ REvenant
July 2024–Present- Developed AI-assisted exploit platform, cutting deobfuscation and reverse engineering time by ~35%
- Automated binary analysis, reducing manual research time by 20%
- Increased vulnerability detection rate in CTF-style Pwn challenges by 30%
Co-Founder & Developer @ REvenant
July 2024–Present- Developed AI-assisted exploit platform, cutting deobfuscation and reverse engineering time by ~35%
- Automated binary analysis, reducing manual research time by 20%
- Increased vulnerability detection rate in CTF-style Pwn challenges by 30%
CTF Player & Challenge Author @ FL1TZ
August 2024–Present- Authored 20+ original Pwn and Reverse Engineering CTF challenges, engaging 400+ participants per event
- Presented 5+ hands-on workshops on binary exploitation, training students from 10+ universities
- Designed containerized challenge infrastructure with 100% uptime during competitions
CTF Player & Challenge Author @ FL1TZ
August 2024–Present- Authored 20+ original Pwn and Reverse Engineering CTF challenges, engaging 400+ participants per event
- Presented 5+ hands-on workshops on binary exploitation, training students from 10+ universities
- Designed containerized challenge infrastructure with 100% uptime during competitions
ICT Engineering Student @ INSAT
2023–May 2027- Pursuing National Engineering Diploma in Computer Networks and Telecommunications
- Specialized coursework in Operating Systems & Virtualization, Embedded & Real-Time Systems
- Focus on High-Speed Networks & Mobile Protocols, Ethical Hacking & Cybersecurity
ICT Engineering Student @ INSAT
2023–May 2027- Pursuing National Engineering Diploma in Computer Networks and Telecommunications
- Specialized coursework in Operating Systems & Virtualization, Embedded & Real-Time Systems
- Focus on High-Speed Networks & Mobile Protocols, Ethical Hacking & Cybersecurity
Low-Level Graphics & Systems Developer
2020–Present- Enhanced grid and gizmo systems in the Stride game engine using C#, improving usability and precision
- Contributed to large-scale simulation tools including physics engines and wildfire simulators
- Implemented low-level optimizations using profiling tools to identify bottlenecks
Low-Level Graphics & Systems Developer
2020–Present- Enhanced grid and gizmo systems in the Stride game engine using C#, improving usability and precision
- Contributed to large-scale simulation tools including physics engines and wildfire simulators
- Implemented low-level optimizations using profiling tools to identify bottlenecks
Lead Game Developer @ Phantom Penguin
November 2020–2022- Led a team of six developers to successfully deliver 5+ desktop and mobile game titles
- Facilitated team collaboration through task delegation and code reviews, improving efficiency by 40%
- Maintained 95% bug-free release standards with 100% on-schedule project completion
Lead Game Developer @ Phantom Penguin
November 2020–2022- Led a team of six developers to successfully deliver 5+ desktop and mobile game titles
- Facilitated team collaboration through task delegation and code reviews, improving efficiency by 40%
- Maintained 95% bug-free release standards with 100% on-schedule project completion
Programming Foundations
2015–2016- Began software development journey with core programming principles
- Explored algorithms, data structures and fundamental computer science concepts
- Built foundation for future specializations in security research and systems development
Programming Foundations
2015–2016- Began software development journey with core programming principles
- Explored algorithms, data structures and fundamental computer science concepts
- Built foundation for future specializations in security research and systems development
Technical Skills & Expertise
Exploit Development & Security Research
- Binary Exploitation & Vulnerability Research
- Stack & Heap Exploitation Techniques
- Return-Oriented Programming (ROP)
- Format String & File Stream Oriented Programming
- Cross-architecture Exploitation Experience
- AI-assisted Exploit Platform Development
Reverse Engineering & Analysis
- Assembly (x86/x64) & Low-level Programming
- IDA Pro, Ghidra, Binary Ninja & x64dbg
- GDB, dnSpy, Cheat Engine & Angr
- Dynamic & Static Analysis
- Malware Analysis & APK Reverse Engineering
- Cryptographic Protocol Analysis
Systems & Infrastructure
- Linux Systems (Arch, Kali, Ubuntu, Parrot)
- Docker & Containerization
- Network Configuration & Virtualization
- CI/CD Pipeline Implementation
- High-Performance Web Server Development
- Infrastructure Automation & Deployment
Graphics & Game Development
- OpenGL, Vulkan & Graphics APIs
- Shader Programming (GLSL, HLSL, SDSL)
- Game Engines (Unity, Stride3D, Unreal, Godot)
- Real-time Rendering & Physics Simulation
- Team Leadership & Project Management
- Performance Optimization & Profiling
Programming & Development
- C/C++, Assembly, Python & Java
- C#, SQL, Bash/Shell Scripting
- Network Programming & Protocol Implementation
- Concurrent & Multi-threaded Programming
- Algorithm Design & Data Structures
- Code Review & Quality Assurance
Cybersecurity Tools & Platforms
- Burp Suite, Metasploit & Wireshark
- Nmap, Tcpdump, Netcat & Aircrack-ng
- CTF Platform Development & Challenge Creation
- Penetration Testing & Ethical Hacking
- Network Security & Vulnerability Assessment
- Security Workshop Design & Training
"Aut viam inveniam aut faciam"
I will either find a way or make one
— Hannibal • 218 BCE