Xeroxx75/README.md

👋 Hi, I'm Ibrahim - Cybersecurity Engineering Student

DFIR • Windows Security • Reverse Engineering • Malware Analysis

I’m a cybersecurity engineering student (CentraleSupélec / ECE Paris) focusing on DFIR and digital forensics (memory analysis, artifacts, timelines, IOC extraction) and reverse engineering (Ghidra, debugging, binary analysis).
I run hands-on labs, analyze malware and binaries, simulate incidents, and publish structured write-ups here.


🧰 Technical Focus

  • DFIR / Forensics: Volatility3, Sysmon, EVTX, Prefetch/Amcache, KAPE, memory triage, timeline building
  • Detection Engineering: Sigma, IOC extraction, ATT&CK mapping
  • Scripting: Python (parsers, automation), C/C++ (POCs, tooling)
  • Reverse Engineering: Ghidra, GDB/x64dbg, x86-64 assembly, CFG recovery, unpacking fundamentals
  • Malware Analysis: static/dynamic analysis, PyInstaller unpacking, YARA rules
  • Offensive Security: AD enumeration, Kerberoasting/AS-REP roasting, privilege escalation (lab only)
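As an illustration of the IOC extraction listed under Detection Engineering, here is an added example (not code from this profile's repositories): a standard-library-only extractor that refangs `hxxp://` and `[.]` notation, pulls URLs, IPv4 addresses, domains, MD5/SHA-256 hashes and Windows registry keys from free-form analyst notes, and avoids two common false positives (a path component such as `payload.bin` read as a domain, and a build number such as `10.0.19041` read as an address). The sample note, the `FILE_EXT` deny-list and the pattern set are constructed for the example.

```python
"""Extract IOCs from analyst notes, handling defanged indicators.

Added example for the IOC-extraction skill listed above; it is not code from
this profile's repositories. Only the standard library is used.
"""
import re
from typing import Dict, List
from urllib.parse import urlparse

# Constructed sample input: a defanged threat-intel note, as pasted from a report.
SAMPLE_NOTE = """
Loader reached out to hxxp://update[.]example-cdn[.]net/payload.bin
and 185[.]220[.]101[.]5 over 443. Dropped file sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
md5 d41d8cd98f00b204e9800998ecf8427e. Persistence via
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run.
Version string 10.0.19041 is not an address.
"""

# Patterns; the IPv4 one bounds every octet to 0-255 so build numbers do not match.
URL = re.compile(r"\bhttps?://[^\s\"'<>]+", re.I)
IPV4 = re.compile(r"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b")
DOMAIN = re.compile(r"\b(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}\b", re.I)
SHA256 = re.compile(r"\b[a-f0-9]{64}\b", re.I)
MD5 = re.compile(r"\b[a-f0-9]{32}\b", re.I)
REGKEY = re.compile(r"\b(?:HKLM|HKCU|HKCR|HKU|HKCC)(?:\\[^\\\s]+)+")

# Assumed deny-list: "name.ext" tokens that look like domains but are file names.
FILE_EXT = {"exe", "dll", "bin", "ps1", "bat", "txt", "zip", "dat", "sys"}


def refang(text: str) -> str:
    """Undo common defanging so indicators appear in their real form."""
    text = re.sub(r"\[\.\]|\(\.\)|\{\.\}|\[dot\]|\(dot\)", ".", text, flags=re.I)
    text = re.sub(r"\bhxxp", "http", text, flags=re.I)
    return text


def extract_iocs(text: str) -> Dict[str, List[str]]:
    """Return sorted, de-duplicated IOCs by type from free-form analyst text."""
    clean = refang(text)
    urls = [u.rstrip(".,;)") for u in URL.findall(clean)]
    # Blank out URLs before the domain pass so path parts (payload.bin) are skipped;
    # the host of each URL is added back explicitly below.
    remainder = URL.sub(" ", clean)
    domains = {d.lower() for d in DOMAIN.findall(remainder)}
    for u in urls:
        host = urlparse(u).hostname
        if host:
            domains.add(host)
    domains = {d for d in domains if d.rsplit(".", 1)[-1] not in FILE_EXT}
    return {
        "url": sorted(set(urls)),
        "ipv4": sorted(set(IPV4.findall(clean))),
        "domain": sorted(domains),
        "sha256": sorted({h.lower() for h in SHA256.findall(clean)}),
        "md5": sorted({h.lower() for h in MD5.findall(clean)}),
        "regkey": sorted({k.rstrip(".,;") for k in REGKEY.findall(clean)}),
    }


if __name__ == "__main__":
    for kind, values in extract_iocs(SAMPLE_NOTE).items():
        print(f"{kind}: {values}")
```

The MD5 pattern cannot fire inside the SHA-256 string because `\b` needs a word boundary on both sides and a hex run has none in the middle; that is why the hash patterns are anchored with `\b` rather than matched greedily and post-filtered.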

📌 Featured Projects

🔹 DFIR & Reverse Lab

Memory forensics + malware analysis + reverse engineering.
Includes:

  • Incident simulation (Sysmon, memory dump, timeline, Volatility3)
  • Academic ransomware lab (Camellia-128 CFB, Python decryptor, persistence analysis)
  • Crackme analysis (static/dynamic analysis)
  • YARA rules

→ Practical investigations with detailed, documented write-ups.


🔹 DisCover (CentraleSupélec)

C++ research project on binary static analysis (LIEF, Capstone).
Added PE/Mach-O support, extended processor coverage, DWARF handling, and Python bindings.


📄 Contact

Pinned repositories

  • DFIR_Reverse_Labs (Public, Python)