About

I hack at Doyensec. Details of professional experience on Linkedin.

Hobby Projects

sourcegraph-scripts (2022)

A set of Python scripts to identify vulnerabilities in GitHub projects using Sourcegraph. The scripts download code files from Sourcegraph results; subsequently, static analysis is applied to identify vulnerabilities en masse. This demonstrates a unique use-case of Sourcegraph for security research.

Tech stack: Python, Bash, Semgrep, Git

dns-exfil (2021)

A Python tool to start a DNS server for exfilitration or ping-back detection. The tool supports hex encoding and outputs JSON, allowing easy parsing with something like jq. The project has been successfully used to detect the Log4Shell vulnerability.

Tech stack: Python, DNS, Git

censorship-detector (2021)

A browser extension (in JavaScript) that identifies website censorship techniques. Although experimental, it can recognize DNS, HTTP, SNI filtering—all from a browser extension. I built the extension to tackle censorship of sites in Lebanon, my home country.

Tech stack: JavaScript, HTML, CSS, npm, Webpack, WebExtensions API, Git

Contributions & Publications

Press Appearances