Cyber-Defense | Services & Projects


Cyber-Defense: Services & Projects

Expert ethical hackers with 10+ years of experience • Open-source contributors • Real-world security testing and engineering.

Penetration Testing
Red Teaming
Secure Development
AppSec Governance
Education

Core Services

  • Penetration Tests — Systems, infrastructure, networks, mobile, and APIs.
  • SMSI Building — Design and deployment of Information Security Management Systems.
  • Threat Response & Mitigation — Incident handling and remediation.
  • Risk Analysis & Red Teaming — Regular assessements and adversarial simulations.
  • Education & Training — Awareness programs, hacker techniques, and social engineering.
  • Integration of Security Solutions — Commercial & open-source stack integration.
  • Secure Development — Web, systems, mobile, and embedded systems.

Specialized Propositions

  • External Assessment — OSINT, black-box tests, social engineering, exploitation, reporting.
  • Internal Assessment — On-site stealth tests, reconnaissance, light exploitation, reporting.
  • User Education — Security concepts, attacker methods, social engineering, prevention reflexes.
  • Stress Test Simulation — API/APP load, DoS resilience, bug hunting, misconfig discovery and improvement suggestions.

Quick Facts

  • Founded by ethical hackers.
  • Discovery of major security vulnerabilities.
  • 10+ years experience.
  • Active open-source security contributors.

Focus Areas

Banking & Payments
Telecom & BPO
Retail
Industrial

Project References

Application Security Assessment Selected

Client Period Description
Attijariwafa Bank 2017–2019 Mobile app security; in-house business applications security; network security; configuration assessements.
Société Générale (Maroc & Côte d’Ivoire) 2019–2025 Mobile app security; in-house applications security; network security; configuration assessements.
HPS 2018–Present Application security governance; PowerCARD security enhancements; AppSec training; penetration testing.

Red Teaming Selected

Client Period Description
Marwa 2022–Present “President” fraud simulation; malware/ransomware simulations; solution resilience; data confidentiality tests; continuous phishing (1 year); penetration testing; open-source WAF integration; PKI creation.
Intelcia 2024–Present Red Teaming; application security governance; Active Directory/Inrastructure Penetration Testing; AppSec; penetration testing; VoIP assessements.

Stress Tests Selected

Client Period Description
OCP 2017 API/APP multi-user simulation; DoS resilience; bug/code flaw discovery; misconfiguration analysis.
HPS / BMCE Daman Pay / Cash 2021 Multi-user simulation; misconfiguration discovery.
HPS 2018–Present Appsec,PowerCARD security enhancements;Penetration testing,Multi-user simulation; DoS resilience; Security code assessements; misconfiguration discovery; developer training.
BMCE / HPS / Daman Cash 2023–2024 Multi-user simulation; misconfiguration discovery; code security assessements.

© Cyber-Defense.