Nizar Lahmar (oxl0rd)
Cybersecurity  ·  Blue Team  ·  Offensive Security
// about

Cybersecurity student at Full Sail University, graduating January 2027 with a B.S. in Cybersecurity. Focused on both defensive and offensive security — building detection infrastructure, writing tools in C++, and working through real-world attack scenarios in CTFs and labs.

I hold CompTIA A+, Security+, and CySA+, with the CCNA and eJPT in progress. My work spans SOC detection engineering, threat simulation, and systems-level tooling.

Fluent in English, French, and Arabic. Based in Winter Park, FL.

Location
Winter Park, FL
Degrees
B.S. Cybersecurity, 4.00 GPA
A.S. Information Technology, 4.00 GPA
Availability
TBD
// skills & certifications
Certifications
CompTIA A+ · CompTIA Security+ · CompTIA CySA+ · CCNA (in progress) · eJPT (in progress)
Offensive Security
Penetration Testing · Web App Exploitation · Active Directory Attacks · Privilege Escalation · C2 Development · Payload Crafting · Evasion Techniques · CTF / HTB · Metasploit · Burp Suite
Defensive Security
SIEM / Wazuh · Detection Engineering · Intrusion Detection · Threat Hunting · Incident Response · Vulnerability Assessment · Log Analysis · MITRE ATT&CK
GRC & Compliance
Security Policy Development · Risk Management · Access Control Frameworks · Data Classification · PCI DSS · GDPR · Least Privilege Principles · Vendor Risk Management · Change Management · Security Awareness
Systems & Low-Level
C++17 · x86 Assembly · Memory Management · OS Internals · Binary Analysis · Linux · Windows Internals
Networking
TCP/IP · DNS / DHCP / HTTP(S) · Packet Analysis · Wireshark · Network Segmentation · Firewalls & ACLs · VPN / Tunneling · Active Directory
Tools & Platforms
Kali Linux · Nmap · VirtualBox / QEMU/KVM · Azure · Git · VS Code · AI-Assisted Workflows
Languages
C++ · Python · Bash · PowerShell · x86 Assembly
// projects
C2 Framework
Custom command-and-control framework written in C++17. Implements encrypted communication channels, modular payload architecture, and evasion-aware design. Built to study adversary tradecraft and improve detection engineering on the blue team side.
C++17 · Offensive Tooling · Network Comms · Evasion
SOC Detection Lab
Multi-VM homelab running Wazuh SIEM with custom detection rules mapped to MITRE ATT&CK. Simulated attack scenarios — credential dumping, lateral movement, persistence — then built and tuned alerts to catch them. Documented end-to-end in a lab report.
Wazuh · MITRE ATT&CK · Detection Engineering · VirtualBox
Multi-VM Web Infrastructure Deployment
Designed and deployed a multi-VM web infrastructure for a simulated law firm client. Built a LAMP stack on Ubuntu hosting WordPress, and a separate Rocky Linux VM running a Ghost blog on Docker behind an Nginx reverse proxy. Configured SSH access, custom network topology, firewall rules, and inter-VM routing across the environment.
Linux · Ubuntu / Rocky Linux · LAMP Stack · Docker · Nginx · Hardening · SSH · Networking
HTB / CTF Writeups
Ongoing documentation of Hack The Box machines and CTF challenges. Covers web exploitation, privilege escalation, and more. Written to be technically precise and educational.
HTB · Web Exploitation · Privilege Escalation · AD Attacks
Enterprise Security Plan
Collaborated on a full organizational security plan for a simulated e-commerce company. Authored individual policy documents covering access control, acceptable use, and more. Addressed regulatory requirements including PCI DSS and GDPR, defined roles and responsibilities, and established exception handling with mitigating controls.
GRC · Policy Development · PCI DSS · GDPR · Access Control · Risk Management
// more about me
Philosophy

I write about philosophical subjects — everything from deep inquiries, like questioning the study of philosophy itself, to more practical, relevant things, like poking holes in our understanding of validation. Published on Substack: Mathasophia

Guitar

I love playing the guitar! Currently learning the Rick & Morty "For the Damaged Coda" song.

Writing

I love writing, in general. Not only the aforementioned philosophy, but also screenplays, books and short stories.

// contact

Current resume(s) — updated June 2026