About

Hi — I’m Zohir (aka 𝙽!𝙻)

I’m 20 years old and I study in my third year at ESTIN (Higher School of Computer Science & Technology).
I’m a CTF player, a curious tinkerer, and someone who gets weirdly excited by crash dumps and stubborn bugs.

I’ve been to 150+ CTF events and those hours of puzzling built my habits: try fast, fail often, and learn the one trick that makes the next exploit click. But speed isn’t the whole story — I also slow down to actually understand real binaries, OS behavior, and why things fail the way they do.


How I got here

It started with puzzles — picoCTF, TryHackMe, the little wins that teach you how to think. The puzzles opened doors: static reversing, quick dynamic checks, and then the deeper questions about why a program behaved the way it did.

From there I moved into OS internals and reversing. Studying internals felt like learning the machine’s grammar: once you know the rules, you can ask better questions. That naturally led to exploring how those rules can be bent or broken — and that’s how exploitation, kernel attack surfaces, and eventually malware development entered the picture.

I’m not doing this for drama. I do it because I want to understand — both how the system works and how it can be misused — so I can design better defenses and build stronger, safer tools.


What I study & practise

  • Windows internals: debugging processes/threads, tracing module loads, following handles, reproducing crashes and turning them into explanations. I learn by doing — experiment, instrument, and write down the exact steps so I don’t forget.
  • Reverse engineering: static + dynamic, function → flow → structure. CTF writeups train speed; real binaries train patience.
  • Forensics (4n6): quick triage checklists, finding injected or hollowed processes, extracting artifacts that reveal truth when files vanish.
  • Malware development & analysis: I’m a maldev student and researcher — building small, controlled lab tests to explore persistence, communication, evasion, and how analysts detect or miss behavior.
  • Exploitation goals: kernel abusing and Windows privilege/kernel exploitation — this is where I want to get very good.

Where I practise (some of my playgrounds)

  • picoCTF — https://play.picoctf.org/users/zx41r
  • TryHackMe — https://tryhackme.com/p/Zx41R
  • CyberDefenders — https://cyberdefenders.org/p/Zx41R/
  • I also learn from pwn.college-style practicals, practical OS exercises, and a lot of hands-on reversing labs.

A short, honest line

I study every day. I research. I break things in a lab so I can put them back together with notes. I’m learning kernel abuse and Windows exploitation because that’s the hardest, messiest part that actually matters in the real world — and I love the work even when it’s frustrating.


Want to follow or reach out?

  • GitHub: https://github.com/ZX41R
  • LinkedIn: https://www.linkedin.com/in/hakmi-zohir-87b896299
  • picoCTF / TryHackMe / CyberDefenders links above

If you want to trade notes, test an idea, or just rant about an impossible bug — hit me up. I’m always learning and happy to share what I’ve found.