👋 I'm Hamza Haroon a.k.a TheGriffyn

A Cyber Security under graduate student who loves to make and break things. A passionate programmer, hacker, CTF player, runner and a cyclist 🚴🏻.

Skills

• Programming Languages: Python, C, C++, C#, JavaScript, Bash, Batch, PowerShell
• Tools & Frameworks: IDA Pro, GDB, Volatility, Docker, Metasploit, Burp Suite, Cobalt Strike, Nessus, Nmap, Impacket, OpenStack
• Platforms: Linux, Windows, Vercel, AWS, Azure, GCP, DigitalOcean, Cloudflare

Experience

• Application Security Engineer at Trustline (October 2023 - Present) [Remote]
• Cyber Security Analyst at AirOverflow (Present) [Hybrid]
• OSINT Analyst at Confidential (July 2023 - September 2023) [On-Site]

Education

• Bachelors in Cyber Security from Air University, Islamabad (2021 - 2025)

Certifications

• eLearnSecurity Certified Professional Penetration Tester (eCPPT)
• Cisco Certified Network Associate
• CS50P (Harvard University)

HacktheBox

Achievements

• 1st Place in ByteBolt CTF organized by ByteBoltSec, online (2023)
• 2nd Place in Pakistan Cyber Security Challenge CTF organized by NCCS, on-site (2023)
• 3rd Place in Digital Pakistan Cyber Security Hackathon Final organized by MoITT and IGNITE, on-site in Islamabad (2023)
• 32nd Place in Black Hat MEA 2023 World Final
• 3rd Place in NUST Hackathon CTF organized by Military College of Signals (2023)
• 3rd Place in Softec CTF 2024 by FAST NUCES Lahore (solo)
• 3rd Place in AirTech CTF 2024 by Air University
• 5th Place in DeconstruCTF 2023 organized by DSC-VIT, online (2023)

Projects

• National Cybersecurity Trainings 2023 - I was one of the three Technical Organizers for the online module of the Ignite's Nationwide Cyber Security Training Workshops 2023 across 9 cities in Pakistan where thousands of students attempted my challenges. I was responsible for all the technical infrastructure, challenges, training of instructors across Pakistan. The project was done under Ignite by Ministry of IT and Telecom.
• AIRange - AIRange is a student built and managed Cyber Range with Capture The Flag and Attack Defense platform solely for learning of Air University Students.
• Obfuscapy - Obfuscapy is a Python script designed to obfuscate Python payloads, making them undetectable to antivirus solutions. It's particularly useful for penetration testers and red teamers who need to evade detection while testing security measures.
• Gmail Phisher - Gmail Phisher is a powerful and user-friendly tool designed for conducting Gmail phishing attacks with ease.
• Email-Tracker - This tool has the capacity to track the Geolocation of the receiver of a email including IP address, Coordinates, and time of opening an email. Moreover, the sender gets a SMS on his phone whenever an email is opened.
• Username Hunter - Username Hunter is a Python based OSINT tool that allows you to hunt usernames across various social platforms. It checks the availability of usernames on platforms such as Facebook, TikTok, YouTube, Twitter, and many others.
• Textor - Textor is a GUI-based application written in Python that allows users to create, modify, and delete text files.

Additional Experiences

• Technical Secretary at Air University Cyber Security Society (2023 - Present) - I am leading Red, Blue, CTF and Coding Teams at AUCSS.
• Joint Secretary at Air University Cyber Security Society (2022-2023)
• Graphics Team Lead at Google Developer Student Club Air University (Aug 2022 - Nov 2023) - p.s fun fact: the logo used by GDSC-AU is designed by me :P
• Think Tank Lead at Microsoft Learn Student Ambassadors Air University (Mar 2022 - Jun 2022)

Reach out to me

• Discord: TheGriffyn
• Email: hamzaharooon@protonmail.com
• Twitter: @thegr1ffyn
• LinkedIn: Hamza Haroon
• GitHub: thegr1ffyn
• Website: thegriffyn.me