Won "Best Emirati Startup" with CTFae @ GISEC UAE 2024
Head of Engineering @ CTFae Β· Full-stack, DevOps & security engineer who builds and ships with agentic AI Β· OSCP Β· Guinness World Record (largest CTF)
-0A66C2?style=for-the-badge&logo=googlemaps&logoColor=white){kind=icon}
Head of Engineering & Co-Founder at CTFae
OSCP-certified. I ship AI and break it like an attacker (5+ years in offensive security)
DevOps enthusiast. I automate everything
Cybersecurity educator and community builder
Computer Engineering graduate (+ CS minor) from AUS
- β Over my 10 years on GitHub, I have opened 151 issues, opened 158 PRs, pushed 6365 commits, created 43 repositories, contributed to 61 projects, gathered 87 stars across all my repos and gists
| Period | Company | Role |
|---|---|---|
| 2021 - Present | CTFae | Head of Engineering & Co-Founder |
| 2022 - Dec 2025 | Malcrove | Senior Cyber Security Consultant |
| 2019 - 2024 | GDI.Foundation | Volunteer |
βοΈ Platform & Infrastructure
Challenge Deployment API
Provisions containerized CTF challenges to AWS ECS on demand and auto-scales. Ran the world's largest CTF at 10,000+ concurrent users (BlackHat MEA, Guinness World Record).
   |
CyberRanges
IaC platform that spins up multi-VM attack-defense environments across AWS and GCP.
   |
|
Attack-Defense Checksystem
Real-time scoring for 100+ teams at once, with Celery workers and PgCat-pooled PostgreSQL.
  |
π€ Agentic AI & LLMs
|
ProjectHailMary
Solo-operated agentic vulnerability finder. One orchestrator drives 60+ charter-bearing subagents through a validation gauntlet into a deterministic CLEAR / HOLD / REJECT verdict. 23 modules, 465+ tests.
|
LLM-AD-Defense
Autonomous SOC analyst on Gemini 2.5 Pro. It ingests Wazuh EDR alerts, reasons about the threat, and runs its own remediation, down to isolating a compromised Active Directory account.
|
LLMChessArena
Any LLM vs any LLM, Stockfish, or a human, over OpenRouter. Real-time WebSocket streaming, move-by-move Stockfish evals, and a live leaderboard. (code)
   |
BuzzerMinds
A live multiplayer trivia party game. Every question is LLM-generated and grounded against real sources via SearXNG, with fact cards and strict schemas to keep the AI honest.
 |
PiCodeReview
Multi-tier agentic code reviewer on the Pi SDK: cheap-model hunters over-report, a frontier-model judge re-reads the code and prunes the false positives. A 30-minute take-home challenge.
|
π Data & Web
|
VisualizeAUS
20 years of my university's course data turned into an interactive exploration (Plotly + Quarto).
 |
AUSCrawl
The crawler behind it: pulls AUS's Banner registration system into a clean, analyzable dataset.
|
|
DOSArchive
My dad's (Yasser Awad) old DOS programs, emulated so you can run them right in your browser.
 |
π Awards & Recognition
- [2024] π Guinness World Record for the largest CTF in the world with CTFae @ BlackHat MEA 2024 (link)
- [2025] π Won "Best Community Engagement" with CTFae @ UAE CyberSecurity Awards 2025 (link)
- [2024] π Won "Best Emirati Startup" with CTFae @ GISEC UAE 2024 (link)
- [2024] π Became the Official CTF Partner for GISEC UAE (link)
- [2021] π Awarded the "Outstanding CSE Student Talent Award" at AUS (link)
- [2021] π Created & hosted the longest CTF in UAE with CTFae (link)
π» Events Hosted with CTFae
- [2025] Hosted the first ever Bug Bounty CTF @ DEFCON 33 (link)
- [2025] Hosted the Dubai Cyber Security Challenge @ GITEX 2025 (link)
- [2025] Hosted the Bahrain National CTF (link)
- [2025] Hosted BSides Nashville CTF (2nd year) (link)
- [2024] Hosted CTF @ GITEX GLOBAL showcasing Cyber Drill technology (link)
- [2024] Hosted CTF for BSides Nashville (first USA CTF!) (link)
- [2023] Hosted the ADQ CTF (link)
- [2023] Hosted CTF for BlackHat Saudi Arabia (link)
- [2023] Hosted CTF for GITEX Africa in Morocco (link)
- [2023] Hosted CTF for HITB Amsterdam (link)
- [2022] Hosted Dubai Police CTF (link)
- [2022] Hosted CTF for the first BlackHat in Saudi Arabia (link)
- [2022] Hosted CTF for Government of Thailand @ TBCERT (link)
- [2021] Hosted the largest CTF in the Middle East @ AtHack (link)
- [2021] Hosted jeopardy CTF @ HITB CyberWeek (link)
π€ Speaking & Training
- [2024] Gave CTFae's first Cyber Drill workshop @ HITB SecConf Thailand (link)
- [2024] Talk about CTFae's story and success @ CPX CyberAlley (link)
- [2021] 2-day training in Attack Defense CTFs @ HITB SECCONF (link_1) (link_2)
- [2020] Demonstrated password stealing Windows attack @ GISEC (link)
- [2019] Invited speaker @ DESC UAE
π₯ CTF Competition Wins
| Year | Place | Competition |
|---|---|---|
| 2021 | π₯ 1st | The Hunt SOCathon @ GISEC (link) |
| 2020 | π₯ 1st | CyberKnight CTF (link) |
| 2020 | π₯ 1st | CyberTalents UAE Regional CTF (link) |
| 2020 | π₯ 1st | HITB Lockdown CTF (link) |
| 2019 | π₯ 1st | CyberBattle Of The Emirates (link) |
| 2019 | π₯ 2nd | HITB AI Challenge (link) |
| 2019 | π₯ 3rd | CyberTalents Arab Regional CTF (link) |
| 2019 | π₯ 1st | CyberTalents UAE Regional CTF (link) |
| 2019 | π₯ 1st | Dubai Police CTF (link) |
| 2018 | π₯ 1st | CyberQuest Attack & Defence (link) |
| 2016 | π₯ 1st | CyberQuest CTF (link) |
| 2016 | π₯ 2nd | NYU CSAW Forensics CTF (link) |
This README generates every 3 hours. It was last generated Wednesday, June 3rd 2026, 1:06:12.