Systems & Security Engineering Student

Mohamed
Boubaza

cybersecurity enjoyer

Download CV

Systems & Security Engineering Student · ENSA Khouribga · 1337 Coding School 43°42'31.6"N 124°06'11.2"W

150919772316UTC

Scroll

Projects

ARCHITECT · DEPLOY · SECURE

HMLAB-01

Infrastructure

Enterprise Homelab

A from-scratch Type-1 Hypervisor environment running on enterprise hardware. Includes active directory, segmented VLANs, IDS/IPS, and centralized logging.

Architecture Details:
Bare-metal Proxmox VE with strict VLAN segmentation via pfSense. Separate zones for untrusted IoT, guests, and core infrastructure.

Security Stack:
Suricata IDS/IPS · Wazuh SIEM · Pi-hole DNS sinkholing · Fail2ban

Proxmox VEpfSenseDockerWazuh

Explore Setup

MDSA-02

Kernel Security

MEDUSA

A kernel-level anti-ransomware system for Linux that uses eBPF to detect ransomware in real-time, freeze malicious processes, intercept encryption keys, and enable full file recovery.

How It Works:
MEDUSA hooks into OpenSSL's EVP_EncryptInit_ex via BPF uprobes to capture encryption keys the instant ransomware uses them. LSM hooks protect honeypot tripwire files at the kernel level.

3-Layer Defense:
Layer 1: Honeypot trap files detect and freeze ransomware before it touches real data. Layer 2: Cryptographic API hooks extract encryption keys from process memory. Layer 3: Memory scanning fallback for statically-linked binaries.

eBPFCLinux KernelAnti-Ransomware

View on GitHub

1337-04

Low-Level Systems

1337 Projects

A collection of systems-level projects built at 1337 Coding School (42 Network). From custom shell implementations to kernel-level eBPF programs.

Highlights:
Custom shell (minishell), ray tracer (miniRT), philosophers synchronization problem, and the ft_containers reimplementation of the C++ STL.

CC++eBPFSystems

View on GitHub

B2BR-05

System Hardening

Born2beRoot

Designed and deployed a hardened Debian virtual machine from scratch. Configured strict firewall rules, SSH hardening, password policies, LVM partitioning, and automated monitoring.

Security Hardening:
AppArmor profiles, UFW firewall rules, password complexity policies via PAM, encrypted partitions with LVM, and cron-based system monitoring.

DebianLVMSSHAppArmor

Read Case Study

These are just the highlights.

Curious about the rest?

See all on GitHub

Who I Am ?

Mohamed Boubaza

I'm a Systems & Information Security engineering student currently pursuing my Diplôme d'Ingénieur d'État at ENSA Khouribga, alongside software engineering studies at 1337 Coding School (42 Network).

As an active learner, I thrive on practical exploration—whether that means building and securing infrastructure, analyzing vulnerabilities, or diving into low-level systems architecture. I take pride in being highly adaptable, constantly exploring new domains to build a versatile and robust engineering foundation.

I'm driven by a simple philosophy: the best way to understand a system is to take it apart and rebuild it stronger. I'm currently seeking a demanding internship opportunity where I can bring this hands-on engineering mindset to a professional team.

What I Work With

SYSTEMS & AUTOMATION

Linux Debian / Ubuntu Red Hat (RHEL) Access Control AppArmor Bash Scripting Cron Automation

KERNEL & NETWORK DEFENSE

eBPF / BPF LSM Hooks Wireshark Nmap UFW Hardening Secure SSH DNS / DHCP

INFRASTRUCTURE

Proxmox VE KVM Encrypted LVM Bare-Metal Admin

DEVELOPMENT

C (System/Kernel) Python Java

Certifications

IN PROGRESS...

Identity Clearance

Certified Red Team Professional

Altered Security

[ID] COMPUTING LOGIC...
[STATUS] PENDING CLEARANCE

MohamedBoubaza