Skip to content
security research / backend engineering / tool building

0x1RIS

Backend systems designed by someone who knows how they'll be attacked

Fundamentals Offensive Security Backend Cheatsheets
scroll

0x1RIS /root# whoami

Backend engineer who breaks things before deploying them Penetration tester who writes exploits that actually work Tool builder who automates the boring shit so you don't have to

I design systems that survive code review AND penetration testing - not because security is a checklist phase , but because i've spent years on both sides of the fence and stopped writing vulnerable code by accident a long time ago

flowchart TD
    Q["See something interesting"] --> R{"Check the docs"}
    R -->|Docs exist n make sense| S["Learn it properly"]
    R -->|Docs are trash or missing| T["Time to reverse engineer"]
    S --> U{"Found a crack?"}
    T --> U
    U -->|"0-day / RCE"| V["Disclose responsibly or collect bounty"]
    U -->|"Just a misconfig"| W["Exploit for fun , document for learning"]
    U -->|"Nothing there"| X["You still learned how it works"]
    W --> V
    X --> Q

/root# ls -la ~/sections/

Path Description
basics/ The fundamentals - Linux , Windows , networking , crypto , DFIR - no shortcuts , no bullshit
offsec/ Recon , exploitation , post-exploit , AD attacks , Android pentesting , payloads
backend/ Node.js , Express , Next.js , NestJS , databases , DevOps - production-grade patterns
langs/ Cheatsheets for shell scripting , C/C++/Rust , Python , SQL , JS/TS
0x1ris/ About me , projects , certs , contact

/root# cat ~/.motd

You're not here for motivational quotes You're here for working exploits , hardened configs , and the kind of knowledge that comes from breaking things until they stay broken

Every section is built the same way i approach security:

  1. Understand the fundamentals - no skipping , no shortcuts
  2. Practice the techniques - real commands , tested on real systems
  3. Break it yourself - because reading doesn't teach you shit
  4. Build your own tools - stop copy-pasting from GitHub like a script kiddie

The content here is raw , unfiltered , and maintained by someone who actually does this for a living

/root# fortune

"Stop reading motivational bullshit and start actually learning"

"Persistence beats intelligence"

"Script kiddies run tools - operators understand them"

"If you can't explain it without a slide deck , you don't understand it"

"Brain (optional) - but it helps"

/root# ping -c 1 0x1ris

PING 0x1RIS.dev (security.engineering) 56(84) bytes of data.
64 bytes from 0x1RIS: icmp_seq=1 ttl=64 time=0.00ms
64 bytes from 0x1RIS: icmp_seq=2 ttl=64 time=0.01ms

--- 0x1RIS ping statistics ---
2 packets transmitted, 2 received, 0% packet loss
time=0.01ms
rtt min/avg/max/mdev = 0.00/0.01/0.01/0.00ms

reachable via:

  • GitHub: github.com/0x1ris - code , tools , projects
  • LinkedIn: linkedin.com/in/0x1RIS - professional profile
  • Telegram: @M7_1RIS - quick questions & chaos
  • Email: mahmoud.gamal.work.pentest@gmail.com - for business
  • TryHackMe / HackTheBox: @0x1RIS - catch me in the labs

Designed for impact. Built to scale. Hardened by experience