Hi there π, Iβm Askar!
Hi there π, Iβm Askar!
Offensive security engineer, vulnerability researcher, and tool builder. I spend most of my time breaking things, writing about how I broke them, and building tools to break them better.
Iβve spent years working across red team engagements, vulnerability research, and exploit development. Iβve responsibly disclosed multiple vulnerabilities with full exploit code, published 20+ technical blog posts, and contributed to security education across the MENA region. Currently exploring cloud security, Windows internals, and AI-assisted vulnerability hunting.
π Tools Iβve Built
- Octopus C2 β Open-source command and control framework
- DNSStager β DNS-based payload staging tool for red team operations
π Recent Research
- Chaining ISC DHCP Server features for unauthenticated root RCE
- CVE-2024-11320 β PandoraFMS remote code execution
- CVE-2023-0315 β Froxlor remote code execution
- Using AI services to mask C2 communications
- Abusing Tyk API management for C2 obfuscation
π¬ Book a Session
Want to dive into something technical together? I offer one-on-one consultation sessions covering exploit development, red teaming, vulnerability research, career guidance, and more. Book a slot and letβs get into it.
π« Letβs Connect
