
$ whoami
Younes Elbarj
Cybersecurity Analyst & Penetration Tester — Morocco
Security specialist focused on offensive operations, SIEM deployment, and self-hosted secure infrastructure. Available for offensive and defensive cybersecurity engagements.
//tools & technologies
//experience
IPRC – an HPS Company, Casablanca
Cybersecurity Analyst Intern (Final Year Project)
- Designed and deployed a SIEM environment using Splunk for centralized log collection and security visualization
- Configured Sysmon for Windows event collection and behavioral analysis
- Deployed pfSense firewall for network traffic management and segmentation
- Integrated Suricata as an IDS/IPS for real-time intrusion detection and prevention
- Built a complete security monitoring environment for incident detection and analysis
//featured projects
view moreSIEM Environment – Final Year Project
Designed and deployed a full SIEM stack using Splunk to centralize and visualize security logs. Configured Sysmon, pfSense, and Suricata to build a complete security monitoring environment for incident detection.
Active Directory Red Teaming
End-to-end compromise of a Windows domain environment. Implemented a realistic red team attack chain and used offensive tooling to analyze each stage of the intrusion — from initial access to domain dominance.
//recent posts
view moreHTB: Silentium — API Info Disclosure to Flowise MCP RCE
A staging API leaks password-reset tokens through an information-disclosure flaw, handing us credentials to a Flowise instance. From there, a server-side JavaScript injection in the MCP endpoint delivers RCE inside a Docker container, and leaked environment credentials pivot us all the way to root.
May 14, 2026
HTB: CCTV — Blind SQLi to Dual RCE
Two CVEs, one box. We exploit a blind SQL injection in ZoneMinder to get credentials, pivot to a hidden motionEye service via SSH port forwarding, then land root through an authenticated RCE.
April 7, 2026