Otmane Laaziz

Experienced DevOps engineer with 1 year of experience specializing in optimizing software development and deployment processes. Proficient in implementing and managing DevOps practices, I bring expertise in continuous integration/continuous deployment (CI/CD), software automation, implementing and maintaining Infrastructure as Code (IAC) using AWS Terraform. Skilled in automating deployment, scaling, and management of applications and infrastructure on cloud platforms such as AWS. Responsible in collaborating with development and operations teams to ensure smooth and efficient workflows. I excel in fostering cross-functional collaboration to deliver innovative solutions that enhance efficiency, reliability. Passionate about staying up-to-date of emerging technologies and best practices, I am committed to driving continuous improvement and maximizing the value delivered to stakeholders.

Penetration Test Project (CPEG-559-11-Ethical Hacking)

Worked on (nextcloud.com) organization website and utilized the (hackerone) platform to report findings.

Objective: Identify vulnerabilities that malicious hackers could exploit to access data.

Conducted footprinting to collect information about: Employees, Domain names, Subdomains, DNS servers, Emails, Operating systems, Database schema, Firewalls, Network topology, and IP addresses.

Utilized Google dork queries to gather information about FTP, SFTP, or login portals.

Employed the following tools for information gathering:

Netcraft and Pentest_tools: Identifying domains, subdomains, geographical locations, IP addresses, and scanning.

Shodan:Detecting devices and networks with vulnerabilities.

Burp Suite:Conducting security testing of web applications, including SQL injection and cross-site scripting.

Identified a high-risk vulnerability in the Apache system during scanning:

Vulnerability: CVE-2022-22720

Description:Apache HTTP Server 2.4.52 and earlier fails to close inbound connections when errors occur, discarding the request body, which exposes the server to HTTP Request Smuggling.

Online University Application(CPSC 597AB-Adv Probs)

The objective of the app is to provide an interactive and convenient way for users to learn and improve their English skills. The app is designed for both administrators and users. Administrators can add and manage course materials such as videos, files, and homework assignments. They can also manage student accounts and their submitted articles.

Regular users, on the other hand, can access and view the course materials and submit their own articles for feedback.

The app was built in Django platform and the back-end language was python. The front end I used HTML, CSS, Bootstrap, JavaScript, and jQuery.
Technology:
Backend: Python (Django framework)
Frontend: Javascript, Bootstrap and jQuery.

CI/CD: Jenkins

Cloud: AWS S3 bucket
Version control: Github

Online University Application(CPSC 555-Web-Based Application Development)-

The object of the web application is to provide a platform for buying and selling cars. It allows users to upload information and pictures of the cars they are selling, and buyers can view these listings to find the cars they are interested in.

Users can upload information such as the car's make and model, year, mileage, condition, and price. They can also upload pictures to give buyers a better idea of what the car looks like. Buyers can browse the listings and view the cars' details and photos to find the one they want to purchase.

The administration can access the same information as the buyers, and also have the ability to update or delete the listings. The app aims to provide an easy and efficient way for users to buy and sell cars.

The app was built in Django platform and the back-end language was python. The front end I used HTML, CSS, Bootstrap, JavaScript, and jQuery.

A program for an ATM machine(CPSC-501-11-OOP With Design Patterns)

The object of the ATM machine program is to provide users with the ability to perform financial transactions. The program allows users to withdraw cash from their account, check their account balance, and transfer money to another account. Users can enter their PIN, and select the desired transaction from the ATM's menu. They can then enter the amount of cash they wish to withdraw, or the account number and amount for a money transfer. The program will then complete the transaction and update the user's account balance accordingly.

The program also allows for additional functionalities like deposit cash, change pin, mini statement, etc. It aims to provide users with a convenient and secure way to manage their money.

Introduction to Cybersecurity in Cisco

Google IT Support Professional Certificate