Assem Merzoug

Welcome to my cybersecurity portfolio! This website showcases my journey, technical skills, and career aspirations in cybersecurity.

Assem
$ whoami
Assem Merzoug - Security Researcher

$ status
Currently: Electrical Engineering Student & Independent Security Researcher

$ interests
Penetration Testing, Malware Analysis, Threat Hunting

About Me

Security Researcher

Hi! I'm Assem, a cybersecurity enthusiast dedicated to learning and applying best practices to protect systems and data. Currently pursuing a master's degree in Electrical Engineering while focusing on penetration testing, malware engineering, and security research.

My journey in cybersecurity began with a fascination for how systems can be protected from malicious actors. Since then, I've immersed myself in learning various security concepts, tools, and techniques to become proficient in identifying and mitigating vulnerabilities.

Current Role:

Electrical Engineering Student and Independent Security Researcher

Passion:

I have a strong interest in penetration testing and helping companies enhance their security posture. I participate in bug bounty programs and CTF challenges to stay updated on the latest security trends.

Career Objective:

My goal is to become a Certified Ethical Hacker (CEH) and work in a Security Operations Center (SOC) as a Threat Analyst or Penetration Tester, specializing in proactive threat hunting and vulnerability management.

Fun Facts:

When I'm not working on cybersecurity, I enjoy training, 3D creation, video editing, and exploring new technologies.

Technical Skills

Network Security

  • Wireshark, tcpdump
  • Firewall configuration
  • VPN implementation
  • Network vulnerability scanning
  • TCP/IP, DNS security

Penetration Testing

  • Metasploit, Burp Suite
  • Cobalt Strike, Kali Linux
  • Nikto, Nmap
  • OWASP Top 10 exploitation
  • Web application testing

Malware Analysis

  • IDA Pro, Ghidra
  • Hybrid Analysis
  • Volatility Framework
  • Cuckoo Sandbox
  • Reverse engineering

Programming

  • Python (Security scripting)
  • Bash (Automation)
  • JavaScript (Web security)
  • C (System security)
  • ARM & x86 Assembly

Cloud & SIEM

  • AWS Inspector
  • Azure Security Center
  • Splunk, ELK Stack
  • Graylog, AlienVault
  • Cloud security best practices

Concepts & Frameworks

  • Vulnerability Management
  • Incident Response Lifecycle
  • Secure SDLC
  • Threat Intelligence
  • Zero Trust Architecture
  • Red Team/Blue Team exercises

Learning Journey

What I've Learned So Far

  • Gained a solid foundation in penetration testing, including OWASP Top10 vulnerability exploitation
  • Learned to use tools like Wireshark, Nmap, and Metasploit for network analysis and threat detection
  • Developed skills in malware reverse engineering using Ghidra and IDA
  • Acquired knowledge of vulnerability management and incident response lifecycle
  • Mastered network security concepts including TCP/IP, firewalls, and VPNs

Improvement Plan Objectives

  • Continue practicing malware analysis with real-world samples in a safe lab environment
  • Enroll in advanced courses on incident response and forensic analysis
  • Participate in Capture the Flag (CTF) challenges to hone practical skills
  • Focus on cloud security and container security technologies
  • Develop custom security tools and scripts in Python
  • Obtain OSCP and CEH certifications to validate skills
  • Contribute to open-source security projects
  • Build a home lab for testing advanced security techniques
  • Develop expertise in threat intelligence and hunting methodologies
  • Master advanced penetration testing techniques for cloud environments

Career Objective

My ultimate goal is to become a Certified Ethical Hacker (CEH) and work in a Security Operations Center (SOC) as a Threat Analyst or Penetration Tester. I aim to specialize in proactive threat hunting, vulnerability management, and helping organizations secure their digital infrastructure.