Hi! I’m Mohamed Masmoudi (Enigma522), a cybersecurity enthusiast who loves CTFs, HackTheBox, and digging into vulnerabilities (This is some CVEs I found).
This site hosts my writeups and research. Thanks for stopping by!
Feel free to connect with me on GitHub, LinkedIn.

---

My Experience

Penetration Testing & Security Audits: I perform security assessments on web applications and infrastructure, identify vulnerabilities, and provide remediation advice. I also participate in bug bounty programs.

Red Team Tooling: I’m passionate about building automation tools to support my pentesting journey. I develop custom offensive tools — including a C2 framework with implants and a CLI — using Go and Python.

Software Engineering: As a software engineering student at INSAT, I have strong experience in software development and DevOps. I have worked with programming languages like C++, Python, and Go, and frameworks such as Angular, NestJS, and Flask. Additionally, I am experienced with Docker, CI/CD pipelines using GitLab, and automated deployments with Ansible.

Education & CTFs: I’m currently studying software engineering at INSAT and am an active member of Securinets. I contribute to CTF challenges focused on web exploitation and digital forensics.

Projects

• C2‑framework
  A full-featured Command & Control (C2) framework in Go with CLI, server, and implant components—built for secure post‑exploitation and red-team operations.

• netcut‑cli
  Lightweight ARP‑spoofing tool in Go for LAN management—scan networks, cut device connections, and prototype bandwidth control.

• Spider
  Asynchronous web crawler in Python for reconnaissance—crawls URLs to a specified depth and extracts key information.

I have also completed numerous web development projects both at university and as a freelancer, building full-stack applications using modern frameworks and technologies.