LAZ — Please wait

Loading...

LAZ

Hi, I'm

LAZ

|

Digital Forensics Investigator · Software Engineer · Cybersecurity Researcher

About

Software Engineer

A developer since 2018 — built more than 12 applications and worked on large development projects and highly sensitive government projects.

Digital Forensics Investigator

Malware analysis, backdoor detection, memory analysis, C2 data extraction, and taking down scam sites.

Vulnerability Researcher

Finding vulnerabilities in major platforms like Epic Games, Snapchat, Discord, Meta, TikTok, plus documented CVEs.

CEO & CTF Player

Founder of the GhostByte team — 1st place in HackWave25 CTF, participation in BlackHat and more.

0 Apps Built
0 Government Sites
0 Scam Sites Taken Down
0 BugCrowd Discord Rank

Coding Journey

From Low-Level to Full-Stack — Learn, Apply, Repeat

19
2019 Native & Low-Level Languages
C C++ Assembly C# Binary

My journey with native languages started here. I learned C, C++, Assembly, Binary and C#. This stage was the real foundation — through it I learned the core logic of programming languages.

The key point here is that C helped me understand how most languages work later on. After learning these, I could easily go on to learn others.

20
2020 A Year of Laziness... Then Awareness

In 2020 my focus was entirely on games and laziness. COVID spread and stopped us from everything — football, the gym, going out and hanging around. All activity stopped.

But this year was a year of awareness for me. I realized I had to refocus and stop wasting my time. That realization is what pushed me to come back strong in 2021.

21
2021 PHP — The Language That Opened Doors
PHP HTML CSS

I finished learning PHP in just 5 months of continuous study. I liked it because it helped me a lot in big projects — building dashboards for schools and government bodies, coding Telegram bots and protection bots, and government websites, using structural languages like HTML and CSS.

Post celebrating finishing PHP
22
2022 Python, Lua & Dart — Cyber Tools and Apps
Python Lua Dart Flutter

I learned Python and Lua for FiveM, and Dart because it follows the same style. Python was the language that helped me most in building cyber tools, earning through tool-making, coding APIs, dealing with all kinds of sites and APIs, and building vulnerability scanners and request send/analysis tools. Even my first educational malware was made with it.

Dart + Flutter — I learned them because the job market needed app developers at the time. With AI's help I set up a simple roadmap to learn Dart with the Flutter framework. It was the best choice — coding one app that runs on Android and iPhone at once is amazing. The professional edge is the near-native handling and being able to build a full app without relying on third parties, unlike Expo React Native which depends about 77% on external libraries and services.

23
2023 Go & JavaScript — Real Projects
Go JavaScript Rust

I started learning Rust, Go and JavaScript. I slacked a bit with Rust and focused more on Go and JS because my projects needed them more. I kept at it for 12 months and succeeded in mastering and using them in real, large projects.

First complete large project: PHP Backend API + Go + JavaScript + HTML + CSS
24
2024 Rust — The Hardest Challenge
Rust

I went back to learn Rust seriously. I got to know the front-end then moved into the back-end. It was one of the hardest experiences — the language is somewhat complex, the compiler is very strict, and dealing with Cargo and debugging was one of the most annoying things for me. But thankfully I finished it in 2024.

My passion for it grew after the White House Office of the National Cyber Director (ONCD) issued, in February 2024, an official recommendation for developers to adopt memory-safe languages, chief among them Rust. Especially after I learned it's used in huge projects like Discord and others.

UDP Flooding Tool — September 13, 2024
25
2025 Partnerships and Professional Apps

I built 3 apps in partnership with a telecom company and designed the API architecture securely and professionally. AI played a big role in analyzing and improving security weaknesses and work quality.

There are also many side projects I didn't mention because they aren't at the level of the big ones listed. All these projects and experiences are what made me able to handle any programming environment easily and understand any new language by reading its logic and grasping how it works.

Programming is not memorization.

Learn → Apply → Repeat

The more you apply what you've learned, the much easier programming becomes. Many people think programming means memorizing all the code — that's wrong. You start by understanding the basics, then build real projects, and if you forget a certain library or function, you look up its documentation and learn to use it. By repeating this process you'll start to memorize the workflow automatically.

The mind is not an SSD… it's an HDD.

A quote of my own — inspired by my study of hardware in digital forensics and my knowledge of the difference between them.

Projects

GBE.lol

2024 — Closed

A file-hosting site that achieved great success — 230K visits and 604 files uploaded daily. It was shut down due to the load, while gaining great experience in running high-traffic, high-demand sites.

File HostingFull-StackHigh TrafficScalability

Tnbeh — Alert

A protection system for Discord servers against scammers — an alert bot that protects servers from theft and sabotage, with the site tnbeh.com.

Discord BotSecurityWeb App

CyberPost Lab

A Chrome extension for testing HTTP requests — an offline tool for vulnerability researchers to test APIs and flaws like SQLi and XSS. Released for free.

Chrome ExtensionSecurity ToolOpen Source

CrackMalware

A platform to analyze, decrypt and publish reports on malware — made for security researchers.

Malware AnalysisPlatformResearch

myvouch.es

A large project — I worked as a developer to update and improve the platform.

Full-StackWeb Development

FiveM Files Guard

A standalone protection system for FiveM scripts — protecting files and code from theft and tampering.

FiveMFile ProtectionAnti-Tamper

CIA Bot — Telegram

An OSINT bot on Telegram to extract data and search for users easily.

OSINTTelegram BotIntelligence

UDP Flooding Tool

A network stress-testing tool written in Rust — for research and educational purposes.

RustNetworkingStress Test

Government Projects

Classified

Designing government dashboards and APIs and building their protection systems — cannot be disclosed to ensure privacy.

GovernmentDashboardAPI Security
+11

more projects I can't announce due to privacy

Cybersecurity & Achievements

13th Place

Among Discord bug hunters on the BugCrowd platform

0-Day in Discord

A P1 vulnerability — the highest severity level

14 Government Sites

Finding sensitive vulnerabilities in government sites across multiple countries, with official letters of appreciation

Vulnerabilities in Major Platforms

Discord
Snapchat
Meta
TikTok
Epic Games

Documented CVEs

CVE-2024-2997
XSS

A Cross-Site Scripting flaw in the Bdtask Multi-Store Inventory Management System — injecting malicious scripts via category and brand names.

CVE-2024-7703
File Upload

A flaw in the ARMember plugin for WordPress — file upload and bypassing security restrictions with subscriber-level privileges and above.

CVE-2024-6043
SQL Injection

A flaw in SourceCodester Best House Rental Management System 1.0 — SQL injection via the username parameter in admin_class.php.

Countries Reported In

🇸🇦 Saudi Arabia 🇦🇪 UAE 🇶🇦 Qatar 🇲🇾 Malaysia 🇻🇳 Vietnam 🇮🇳 India 🇵🇰 Pakistan 🇬🇧 United Kingdom

GhostByte Team

CEO & Founder

1st Place

HackWave25 — CTF

This achievement was entirely a team effort; although I didn't take part as an individual, the guys did brilliantly and got it done. They took first place hours after the challenge began — special thanks to Saad, ./DaLToN and the rest of the team.

View the Post
GhostByte #1 in HackWave25
Top rankings in BlackHat
Participation in multiple CTF competitions
A team specialized in cybersecurity

Malware Analysis

Backdoor Analysis

Detecting and analyzing advanced backdoors through memory analysis and recognizing malware patterns. Building educational tools to demonstrate bypass methods, and reporting them.

Bypassing Antivirus

Creating educational EXE files that demonstrate methods to bypass major antivirus software like Avast and others — with official reporting and an acknowledged bypass.

Taking Down 15 Scam Sites

Analyzing fake sites claiming to offer voice-changing tools to deceive Discord users — extracting C2 data and contacting hosting companies to take them down.

Lobby App Investigation

Finding serious vulnerabilities in the Lobby voice-chat app — reporting recurring flaws to the company until the app was fully shut down due to security and financial problems.

Certifications

CEH

Certified Ethical Hacker

CEH

CEH v12

Certified Ethical Hacker

CEH v12

CHFI

Computer Hacking Forensic Investigator

CHFI

CND

Certified Network Defender

CND

CPNET

Certified Penetration Testing

CPENT

DFE

Digital Forensics Essentials

DFE

EHE

Ethical Hacking Essentials

EHE

Order a Service

Got a project or an idea? Fill out the form and your request reaches me directly.

Contact Me