Achraf EL MASDOURI

A Cybersecurity enthusiast trying to get better at dealing with laptops.

Socialization

Skills

Security
  • Pentesting
  • Honeypots/Honeynets
  • Firewalls
  • IPs/IDs
  • Network
  • Reverse Engineering
Programming Languages
  • Python
  • Java
  • C
  • C++
  • Javascript
  • Typescript
Web developement
  • Express
  • Flask
  • React
  • Vue
Databases
  • MySQL
  • PostgreSQL
  • Redis
  • MongoDB
Containers & Cloud
  • Docker
  • Kubernetes
  • Google Cloud
Others
  • Elasticsearch
  • Logstash
  • Kibana
  • git

ScrapperIO

ScrapperIO is a solution that lets users program recurrent scrapping jobs and get alerted depending on the result of the scrapped content without writing code. It comes with a helper extension that helps the user select the part they want scrape and a UI that lets you manage your scraping jobs.

The project is still a work in progress and is not public at the moment.
Read more in the corresponding blog.

Read more..

Securing Webservice with a HoneyPot

This project worked as a validation for the network & systems security at IMT Atlantique. It was split into different steps:

  • Architecting and dimensioning of the teleservice
  • Audit of the various vulnerabilities in the system
  • Creating IDs rules for the vulnerabilities found (for Snort)
  • Making a high intercation honey (using Mininet) to secure the webservice by redirecting the mallicious traffic once detected
  • Read more..

Binance bot

This project is a crypto trading bot. As soon as I got into cryptocurrencies, I started learning about trading strategies and wondered why I've never seen some strategies I thought of. So I decided, with two of my friends, to code a bot that implements those strategies and backtest it on Binance's data for the ETH/USDT market.
The bot performed slightly better than a HODL strategy, and has a lot of room for improvement.

Parts of the Binance backtesting integration will soon be published publicly as a library.

Read more..

r00b0t

This project was our shot at the opertaing systems' project for Eurecom called Eurecom Kart. Our beloved r00b0t was close to get first place (in a perfect world).

The Eurecom Kart project consists of building a robot using the EV3 Brick, to play a game where it has to win a race against other teams’ robots while throwing and escaping obstacles. The programming side of this project was done thanks to low level techniques acquired during the OS lectures.

Read more..

Paper - Study on the effectiveness of NLP tools for syntactic analysis of French texts.

The paper was a thourough study on the effectiveness of NLP tools (spaCy, MaltParser, and others) when applied on French texts.

June 2019

Experience

Security Researcher

Orange Cyberdefense
  • Implementing attacks on edge computing infrastructure (k8s clusters), and automating the execution of Falco rules to respond to intrusion incidents.
  • Studying&Comparing state of the art of architectures composed of Falcosidekick and OpenFaas (Kubeless, Knative, ..).

Technologies used: Kubernetes, Falco, Python ,Google Cloud platform (GCP), Falco, FalcoSideKick

February 2022 - Present

Security Researcher

SAP Labs France
  • Creating the first Proof of concept of a TEE-based functional encryption on Nvidia Jetson AGX Xavier.
  • Developing several secure applications on top of the Trusty OS following the architecture of the paper ”Iron: Functional Encryption using Intel SGX” by Ben Fisch and Dan Boneh.

Technologies used: C/C++, Network protocols, Bash, Python

April 2021 - October 2021

Software engineer

SAP Paris
  • Working as a software developer in an agile team beside a solution architect and few developers .
  • Developing and Implementing CCFLEX option on 2 PRM applications that generated over 6M€ as a first deal.
  • Collaborating daily with international teams to develop and deploy internal SAP technologies before launching them to the market.

Technologies used: JAVA, JavaScript, SAP Fiori/UI5, HANA, ABAP, JIRA/Git

October 2020 - April 2021

Education

Eurecom

Masters 2 in Cybersecurity
  • Advanced Networks/Systems security
  • Communications security (Protcols analysis)
  • OS (architecture of operating systems)
  • Mobile security,
  • Cloud security
2021 - 2022

IMT Atlantique

Masters 1 in Cybersecurity
  • Networks, Security of Networks/Systems and applications
  • Risk analysis
  • Secure programming
  • Object oriented programming
  • Data structures
2018 - 2021

Budapest University of Technology and Economics

Exchange program Erasmus+
  • Software Techniques (Advanced C#)
  • Theory of Algorithms and System optimisation
  • Graph theory
  • IT security
  • Mobile&Wireless networks
2020 - 2021