⚡ About Me (TL;DR)
- 🧪 Malware Internals & Threat Hunting: Specializing in Windows internals, EDR evasion, and reverse engineering @ Cytomate
- 🧵 Tech Stack: Rust, Go, C/C++, x86/x64 Assembly, PowerShell, Bash
- 🛠️ Focus Areas: Exploit dev, AD pentesting, shellcode encryption, offline vuln scanning
- 🛰️ Learning Lane: Post-Quantum Cryptography, Quantum Computing, Network Forensics
- 🤝 Collab Goals: Offensive/defensive open-source tools (ethical, lawful research)
- 🧰 Day Job: Reverse → Break → Detect → Repeat
Note: All experiments are conducted in controlled lab environments for R&D and defense.
🧾 Cyber Card
user@lab:~$ whoami && hostname && date
noman psiberus-lab $(now)
OS: Win11/Kali/Arch | Editor: nvim + VSCode + CLion
Stacks: Rust • Go • C/C++ • Python • TS • Assembly
Targets: Win32/64, AD, browsers, Office, network toys
Lab: VMware/Hyper-V • AD forest • ELK • MDE • Sysmon • Zeek
📦 Operations / What I'm Building
- Psiberus: Rust + Go + Tauri adversary-sim suite. Agent, operator UI, MQTT/RabbitMQ backend, ELK/MDE/Sysmon telemetry
- Shifa SSO Platform: Hospital-grade SSO for Oracle Forms 11g/12c with AD/Kerberos auth, custom token handoff, JCI/ISO 27001 compliance
- Rust Metrics → WS Gateway: System metrics (CPU, disk, thermals) streamed to Tauri UI via WebSocket
- Go Microservices: Gin APIs, MQTT listeners, Oracle/MariaDB clients, C2-lite task runners, Windows service lifecycle
- Offline Vuln Scans: OpenSCAP, Lynis, CVE Binary Tool scripts for air-gapped Linux/macOS/Windows, mapping to CVEs
- FastAPI CVE Manager: JWT-auth app for generating/downloading CVE check scripts, optimized for Google Cloud
- Shellcode Encryption: Go-based AES-256-CTR encryption/decryption with hexdump output for loaders
- AD Pentesting Suite: Credential dumping, password spraying, and privilege escalation using Mimikatz, CrackMapExec, Impacket
- Windows Service Monitor: Go program for OCT folder monitoring and secure uploads, running as a Windows service
Repo hub: github.com/NomanNasirMinhas
🗂️ Recent Projects (2024–2026)
| Repo | Lang | Description |
|---|---|---|
| Offensive-Rust | Rust | Offensive security toolkit: C2 server, local & remote shellcode injection, WinAPI MessageBox bindings |
| CPP-Utils | C++ | C++ utility library used for malware/offensive tooling development (MSVC) |
| Offensive-Go | Go | GoShark – Wails + Svelte desktop packet capture UI; NetworkMonitor passive listener |
| ARP-Puker | Rust | ARP-based MITM attacker – gratuitous ARP poisoning & packet interception |
| Qiskit-Basic-Of-Quantum-Information | Python | Qiskit Jupyter notebooks: single-qubit & multi-qubit quantum information fundamentals |
| Pentesting-Notes | — | AD attack mindmap (Excalidraw), pentest cheatsheets, CherryTree structured notes |
| Rust-Driver-Clone | Rust | Windows kernel driver written in Rust (WDK) – EDR/AV internals research |
| binary-to-shellcode | — | Educational: convert a full PE binary to position-independent shellcode with encryption support |
🧭 Research Focus
- Windows Internals & Evasion: DLL unhooking, ETW/AMSI patching, section-remap loaders, thread hijack/APC, token/handle manipulation
- Auth/AD Tradecraft: NTLMv1/v2 capture (Inveigh/Responder), Hashcat cracking, BloodHound pathing, Impacket ops
- Network Forensics: Zeek/Suricata signals, PCAP triage, WPAD/Proxy research, TLS fingerprinting
- Crypto/PQC: Kyber/Dilithium studies, secure channel design, key management
🤖 Hacker's Arsenal
- Languages: C, C++, Rust, Python, Go, Assembly, PowerShell, Bash
- Cyber Skills: Exploit Development, Reverse Engineering, Network Pentesting, Web3 Security, AD Attacks, Vulnerability Scanning
- Software Skills: FastAPI, Dockerized Deployments, Offline Auditing, Shellcode Encryption
- Tools: IDA Pro, Ghidra, Wireshark, Metasploit, Burp Suite, Volatility, Nmap, OpenSCAP, Lynis, CVE Binary Tool, Mimikatz, CrackMapExec, Impacket, sqlmap, BloodHound, Sysmon, Zeek
🏥 Healthcare & Compliance
- Workflows: Chat, video, schedules, lab results with privacy-by-design
- Standards: JCI, ISO/IEC 27001:2022 (RBAC, audit trails, least privilege)
✍️ Posts & Talks
- Medium @malicious-dll
- Topics: Loader design, ETW/AMSI research, token/handle internals, memory forensics, AD attack/defense
📡 Connect to the Matrix
- 💬 Ping me about GoLang, Rust, Networking, Cyber Ops, Exploit Dev
- 📧 Transmit to: contact.nomanminhas@gmail.com
- 🌐 Base station: beacons.ai/malicious.dll
🔐 Contact / Keys
- 📫 Email: contact.nomanminhas@gmail.com
- 🧭 Links hub: beacons.ai/malicious.dll
- 🐦 Twitter/X: @malicious_dll
"Break the system, secure the future."
🦂 Malware Slayer | Code Alchemist | Red Team Operative
