whoami

I am Fastiraz. Just a guy who love tech (offensive security). I’m curious and very involved in my projects and always give my best. I enjoy working because I’m passionate about what I do. My greatest assets are my versatility, autonomy and creativity. i’m also a CTF player, developer and Linux lover.

💭 Some Dreams

My professional dreams are companies that I want to work for one day in my life.

The first company is Proton AG. I love what they do. We share the same goals, security, privacy, and open-source.
The second is Synacktiv. I personally think that they are the best in France in terms of offensive security (after the DGSE 😅). I’m very passionate about offensive security and I want to learn more so that I can progress as much as possible. That’s why I want to join Synacktiv one day. It will allow me to be surrounded by the best and to acquire skills that I would never get anywhere else.
The third one, Hugging Face. A french company that advance and democratize artificial intelligence through open source and open science.
Google. Wait, you really want to know why?

💻 Programming Languages

Languages	%
`C`	[======== ]
`C++`	[======= ]
`Python3`	[========= ]
`Rust`	[======= ]
`Go`	[======= ]
`Assembly`	[==== ]
`PowerShell`	[========= ]
`Bash`	[===== ]
`C#`	[====== ]
`Lua`	[=== ]
`JS`	[=== ]

👷 Projects

Creation of a trained autonomous AI agent that can attack systems thanks to a given shell, web browser (and more) and interact with private and offensive documentations.
Usercube
- MCP server for Usercube.
- CLI client and toolkit for Usercube.
- LLM trained on Usercube.
A military grade robotic cart that follows you, avoids obstacles, carries heavy load and features a voice-interactive AI agent to assist you with tasks. (in progress…)
Creation of an AI using satellite imagery, vision LLM and OCR for GEOINT.
Creation of a weapon detection and fight alerting system with cameras.
Development of a botnet c2 in language C.
Contribute to Exegol for a secret feature
Contribute to Exegol to add GPU support to the wrapper.
Setting up a private cloud for the french National Police and Gendarmerie.
Carrying out an intrusion test on an internal product.
Development of a DeFi bot using machine learning algorithms like Random Forest, Linear Regression and more…
Creation of a software enabling several attacks to be launched via a GUI in C# and .NET framework.
Creation of a self-hosted shell assistant tool. (EMIKO)
Creation of a super malware in language C with all the knowledge I have in maldev. (evasion techniques, stealer, c2…)
A complete open-source homelab.
Build a course an windows pentesting.
Code a HTTP server in pure C.
Code a hardware spoofer with Universal Windows Platform (UWP) framework in C++/WinRT.

🥷 Hard Skills

Linux
- Hardening
- Docker/Podman
- Qemu/KVM
- Terraform/Ansible
- CI/CD
- Kernel development
Pentest
- Web
  - BurpSuite
  - Fuzzing
  - SQL injection
  - XSS
  - XXE
  - CSRF
  - SSRF
  - SSTI
  - Command injection
  - Vulnerability scanning
- Misc
  - Brute-force
  - Hash cracking (simple, distributed and rainbow tables)
  - OSINT
  - Text recovering from pixelized image
  - Image steganography
- Network
  - Network scanning
  - Port scanning
  - Port forwarding
  - SSH Tunneling
- Windows
  - Unquoted path
  - DLL injection
  - Kerberoasting
  - AS-REP Roasting
  - LSASS Dumping
  - Pass-the-Hash
  - Pass-the-Ticket
  - JEA/CLM bypass
  - SAM base dumping
  - DPAPI
AI
- LLM
- STT
- TTS
- VAD
- RAG
- Fine-tuning
- CAG
- Object Detection
- Anomaly Detection
- Prediction
- Classification
- OCR
- Agents / Autonomous agents
- MCP
- Tools
- Frameworks
  - llama.cpp
  - LangChain
  - LlamaIndex
  - CrewAI
  - Ollama
- ComfyUI
IAM
- IAG
  - Usercube
- AM
  - OAuth2
  - SAML
  - OIDC
- Keycloak
Backend as a Service
- Supabase
- PocketBase

👀 Coming soon…

HackTheBox Certified Penetration Testing Specialist (CPTS)
MalDev Academy complete syllabus
Maybe a talk at leHACK…
A BIG open-source project for offensive security