Awaab KheiriSecurity Testing & Vulnerability Research
Specializing in practical security testing, vulnerability discovery, and secure system design. Working across web, cloud, and network environments to build stronger defenses through methodical analysis and hands-on experimentation.
Open to cybersecurity R&D internships, research roles, and offensive security opportunities.
Backend Engineering — SaMaS Gamify
Backend engineering for gamified learning platforms and serverless APIs.
Backend Engineer — SaMaS Gamify
Built and maintained serverless backends and relational data stores for gamified learning platforms.
AWS Lambda serverless functions
PostgreSQL backend development and schema design
Featured Work
Selected projects and security research write-ups
Hardware Security Assessment: $10 IoT Camera Network Analysis
This report documents Part 2 of a hardware security assessment on a budget IoT camera ($10 USD). Through isolated network traffic analysis using Wireshark, I captured and analyzed the camera's network behavior. Key findings include: unencrypted bootloader communication, encrypted video stream on UDP port 34593 (local-only transmission), mandatory WireGuard VPN tunnel to manufacturer's server, and telemetry collection via msftconnect.com connectivity checks. The analysis reveals the device prioritizes cloud connectivity over local security, with all non-video traffic routed through an encrypted manufacturer-controlled tunnel.
Hardware Security Assessment: $10 IoT Camera UART Extraction & Firmware Analysis
This report documents a hardware security assessment of a budget IoT camera ($10 USD). Through UART extraction and bootloader analysis, I successfully captured the full boot sequence, identifying critical firmware vulnerabilities: Ingenic XBurst T23 SoC with EOL U-Boot 2013.07 and Linux 3.10.14 kernel—both lacking 8+ years of security patches. The analysis reveals absent secure boot mechanisms, writable flash partitions, and exposed debug interfaces. Part 1 establishes the attack surface; subsequent phases will involve SPI flash extraction and network reconnaissance for deeper vulnerability mapping.
HackTheBox -- Pterodactyl (MEDIUM) Experience
I’ll walk through my experience tackling the HackTheBox "Pterodactyl" CTF (Medium). I'll showcase my thought process, tools, and methods as I work through each stage — whether I succeed or hit roadblocks. The goal isn't just solving it, but highlighting how I approach challenges and sharpen my skills along the way. As of now this machine remains unsolved.
ZTE ZXHN H298A Home Gateway – Hardware Recon & Boot Process Analysis
An initial hardware security assessment of the ZTE ZXHN H298A home gateway focusing on physical access, UART discovery, and boot process analysis. This post documents the methodology, extracted bootlogs, observed security mechanisms, and limitations encountered, with proposed next steps for deeper firmware and bootloader analysis.