The latest articles on Forem by y4seen.lol (@y4seen_lol). https://forem.com/y4seen_lol https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3784233%2Fa58618d9-6d95-4c11-979e-1abb837d8d1a.jpg https://forem.com/y4seen_lol en y4seen.lol Sat, 21 Feb 2026 18:33:52 +0000 https://forem.com/y4seen_lol/about-y4seenlol-1d14 https://forem.com/y4seen_lol/about-y4seenlol-1d14 <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcapsule-render.vercel.app%2Fapi%3Ftype%3Dwaving%26color%3D0%3A0a0a0f%2C50%3A001a33%2C100%3A003366%26height%3D120%26section%3Dheader%26animation%3DfadeIn" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcapsule-render.vercel.app%2Fapi%3Ftype%3Dwaving%26color%3D0%3A0a0a0f%2C50%3A001a33%2C100%3A003366%26height%3D120%26section%3Dheader%26animation%3DfadeIn" width="854" height="120"></a></p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>██╗ ██╗ ██╗ ███████╗███████╗███████╗███╗ ██╗ ╚██╗ ██╔╝██╔╝ ██╔════╝██╔════╝██╔════╝████╗ ██║ ╚████╔╝██╔╝ ███████╗█████╗ █████╗ ██╔██╗ ██║ ╚██╔╝ ██╔╝ ╚════██║██╔══╝ ██╔══╝ ██║╚██╗██║ ██║ ██╔╝ ███████║███████╗███████╗██║ ╚████║ ╚═╝ ╚═╝ ╚══════╝╚══════╝╚══════╝╚═╝ ╚═══╝ </code></pre> </div> <p><a href="https://git.io/typing-svg" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Freadme-typing-svg.demolab.com%3Ffont%3DShare%2BTech%2BMono%26size%3D15%26duration%3D2800%26pause%3D900%26color%3D00A8FF%26center%3Dtrue%26vCenter%3Dtrue%26width%3D750%26lines%3DReverse%2BEngineer%2B%257C%2BBinary%2BAnalyst%2B%257C%2BAPI%2BMethod%2BResearcher%3BI%2Bdecompile%2Bcompiled%2Bcode%2Bacross%2Bany%2Blanguage%2Bor%2Bruntime.%3BHardcoded%2Bpayloads.%2BCall%2Bchains.%2BHidden%2BAPIs.%2BI%2Bread%2Bthem%2Ball.%3BOSINT%2BSpecialist%2B%257C%2BProtocol%2BAnalyst%2B%257C%2BSide%2BCoder%3BKnown%2Bat%2By4seen.lol%2B%25E2%2580%2594%2BKSA%2B%252F%2BIndia" alt="Typing SVG" width="750" height="50"></a></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FKNOWN%2520AS-y4seen-00A8FF%3Fstyle%3Dflat-square%26labelColor%3D0a0a0f" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FKNOWN%2520AS-y4seen-00A8FF%3Fstyle%3Dflat-square%26labelColor%3D0a0a0f" width="122" height="20"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FROLE-Reverse%2520Engineer%2520%2526%2520OSINT-00A8FF%3Fstyle%3Dflat-square%26labelColor%3D0a0a0f" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FROLE-Reverse%2520Engineer%2520%2526%2520OSINT-00A8FF%3Fstyle%3Dflat-square%26labelColor%3D0a0a0f" width="198" height="20"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FSPECIALTY-Binary%2520Analysis%2520%257C%2520API%2520Discovery-00A8FF%3Fstyle%3Dflat-square%26labelColor%3D0a0a0f" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FSPECIALTY-Binary%2520Analysis%2520%257C%2520API%2520Discovery-00A8FF%3Fstyle%3Dflat-square%26labelColor%3D0a0a0f" width="254" height="20"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FBASE-KSA%2520%252F%2520India-00A8FF%3Fstyle%3Dflat-square%26labelColor%3D0a0a0f" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FBASE-KSA%2520%252F%2520India-00A8FF%3Fstyle%3Dflat-square%26labelColor%3D0a0a0f" width="112" height="20"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fkomarev.com%2Fghpvc%2F%3Fusername%3Dy4seen%26color%3D00A8FF%26style%3Dflat-square%26label%3DPROFILE%2BVIEWS" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fkomarev.com%2Fghpvc%2F%3Fusername%3Dy4seen%26color%3D00A8FF%26style%3Dflat-square%26label%3DPROFILE%2BVIEWS" width="118" height="20"></a></p> <h2> <code>[ WHO IS Y4SEEN ]</code> </h2> <p><strong>y4seen</strong> (alias <code>L . | #y4</code>, site: <a href="https://y4seen.lol" rel="noopener noreferrer">y4seen.lol</a>) is a reverse engineer, OSINT specialist, and developer based between <strong>India and Saudi Arabia</strong>. He is widely recognized in the security research community for his ability to <strong>decompile compiled binaries across any language or runtime</strong> — extracting hardcoded values, tracing internal call chains, recovering hidden API methods, and mapping how software actually communicates beneath the surface.</p> <p>His work spans desktop software, web applications, and compiled executables regardless of language — from .NET and Java bytecode to native C/C++ and beyond. He approaches every target the same way: read what the machine was told to do, not what the developer claimed it does.</p> <p>Outside of RE, y4seen is a known <strong>OSINT practitioner</strong> and a capable <strong>side coder</strong> who builds custom tooling in Python and Node.js to automate and extend his research workflows.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>┌──────────────────────────────────────────────────────────────────────────────┐ │ HANDLE → y4seen │ │ ALIAS → L . | #y4 │ │ SITE → y4seen.lol │ │ AGE → 17 y │ │ BASE → KSA / India (Saudi Arabia / India) │ │ OS → Kali Linux · Windows │ │ │ │ KNOWN FOR → Decompiling compiled code across any language │ │ → Extracting hardcoded payloads, tokens, and API calls │ │ → Tracing how software calls its own internals │ │ → Finding undocumented API methods from binaries &amp; traffic │ │ → OSINT research and deep passive reconnaissance │ │ → Writing custom tools in Python and Node.js │ │ │ │ "Why don't you give up?" │ │ "Because if I do... Who's gonna fight for the others?" │ └──────────────────────────────────────────────────────────────────────────────┘ </code></pre> </div> <h2> ⚙️ <code>REVERSE ENGINEERING — CORE DISCIPLINE</code> </h2> <blockquote> <p>I take compiled code and read it like source. Language doesn't matter. Runtime doesn't matter. If it runs on a machine, I can understand it.</p> </blockquote> <p><strong><code>› Decompiling Compiled Binaries — Any Language, Any Runtime</code></strong></p> <p>My primary skill. I decompile compiled executables and bytecode back to readable logic — regardless of what language they were originally written in. .NET assemblies, Java bytecode, native C/C++ binaries, Electron apps, compiled Python — each has a path back to readable code, and I know all of them.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Language / Runtime → Decompilation Path: .NET (C#, VB) → dnSpy / ILSpy / dotPeek → full C# source recovery Java / Kotlin → jadx / Procyon / CFR → Java class reconstruction Native (C / C++) → Ghidra / x64dbg / Binary Ninja → pseudocode + ASM Electron / Node → asar extract → JS deobfuscation → full app logic Lua bytecode → unluac / luadec → readable Lua source Any obfuscated JS → de4js / AST rewrite / manual → reconstructed logic </code></pre> </div> <p><strong><code>› Extracting Hardcoded Values from Compiled Code</code></strong></p> <p>Developers compile secrets into their software thinking they're safe — API keys, tokens, internal URLs, method names, payload structures. I extract them. Static strings, encrypted constants, XOR-obfuscated values — it all surfaces under analysis.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Automated hardcoded value extractor from compiled binary </span><span class="kn">import</span> <span class="n">re</span><span class="p">,</span> <span class="n">sys</span> <span class="k">with</span> <span class="nf">open</span><span class="p">(</span><span class="n">sys</span><span class="p">.</span><span class="n">argv</span><span class="p">[</span><span class="mi">1</span><span class="p">],</span> <span class="sh">"</span><span class="s">rb</span><span class="sh">"</span><span class="p">)</span> <span class="k">as</span> <span class="n">f</span><span class="p">:</span> <span class="n">data</span> <span class="o">=</span> <span class="n">f</span><span class="p">.</span><span class="nf">read</span><span class="p">()</span> <span class="c1"># Extract printable strings (min length 6) </span><span class="n">strings</span> <span class="o">=</span> <span class="n">re</span><span class="p">.</span><span class="nf">findall</span><span class="p">(</span><span class="sa">rb</span><span class="sh">'</span><span class="s">[\x20-\x7e]{6,}</span><span class="sh">'</span><span class="p">,</span> <span class="n">data</span><span class="p">)</span> <span class="c1"># Filter for high-value targets </span><span class="n">targets</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">urls</span><span class="sh">"</span><span class="p">:</span> <span class="p">[</span><span class="n">s</span> <span class="k">for</span> <span class="n">s</span> <span class="ow">in</span> <span class="n">strings</span> <span class="k">if</span> <span class="sa">b</span><span class="sh">'</span><span class="s">http</span><span class="sh">'</span> <span class="ow">in</span> <span class="n">s</span> <span class="ow">or</span> <span class="sa">b</span><span class="sh">'</span><span class="s">api.</span><span class="sh">'</span> <span class="ow">in</span> <span class="n">s</span><span class="p">],</span> <span class="sh">"</span><span class="s">keys</span><span class="sh">"</span><span class="p">:</span> <span class="p">[</span><span class="n">s</span> <span class="k">for</span> <span class="n">s</span> <span class="ow">in</span> <span class="n">strings</span> <span class="k">if</span> <span class="sa">b</span><span class="sh">'</span><span class="s">key</span><span class="sh">'</span> <span class="ow">in</span> <span class="n">s</span><span class="p">.</span><span class="nf">lower</span><span class="p">()</span> <span class="ow">or</span> <span class="sa">b</span><span class="sh">'</span><span class="s">token</span><span class="sh">'</span> <span class="ow">in</span> <span class="n">s</span><span class="p">.</span><span class="nf">lower</span><span class="p">()</span> <span class="ow">or</span> <span class="sa">b</span><span class="sh">'</span><span class="s">secret</span><span class="sh">'</span> <span class="ow">in</span> <span class="n">s</span><span class="p">.</span><span class="nf">lower</span><span class="p">()],</span> <span class="sh">"</span><span class="s">paths</span><span class="sh">"</span><span class="p">:</span> <span class="p">[</span><span class="n">s</span> <span class="k">for</span> <span class="n">s</span> <span class="ow">in</span> <span class="n">strings</span> <span class="k">if</span> <span class="n">s</span><span class="p">.</span><span class="nf">startswith</span><span class="p">(</span><span class="sa">b</span><span class="sh">'</span><span class="s">/</span><span class="sh">'</span><span class="p">)</span> <span class="ow">and</span> <span class="nf">len</span><span class="p">(</span><span class="n">s</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">4</span><span class="p">],</span> <span class="sh">"</span><span class="s">methods</span><span class="sh">"</span><span class="p">:</span> <span class="p">[</span><span class="n">s</span> <span class="k">for</span> <span class="n">s</span> <span class="ow">in</span> <span class="n">strings</span> <span class="k">if</span> <span class="sa">b</span><span class="sh">'</span><span class="s">.</span><span class="sh">'</span> <span class="ow">in</span> <span class="n">s</span> <span class="ow">and</span> <span class="n">s</span><span class="p">.</span><span class="nf">isascii</span><span class="p">()],</span> <span class="p">}</span> <span class="k">for</span> <span class="n">category</span><span class="p">,</span> <span class="n">findings</span> <span class="ow">in</span> <span class="n">targets</span><span class="p">.</span><span class="nf">items</span><span class="p">():</span> <span class="k">if</span> <span class="n">findings</span><span class="p">:</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="se">\n</span><span class="s">[+] </span><span class="si">{</span><span class="n">category</span><span class="p">.</span><span class="nf">upper</span><span class="p">()</span><span class="si">}</span><span class="s">:</span><span class="sh">"</span><span class="p">)</span> <span class="k">for</span> <span class="n">f</span> <span class="ow">in</span> <span class="n">findings</span><span class="p">:</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s"> </span><span class="si">{</span><span class="n">f</span><span class="p">.</span><span class="nf">decode</span><span class="p">(</span><span class="n">errors</span><span class="o">=</span><span class="sh">'</span><span class="s">replace</span><span class="sh">'</span><span class="p">)</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <p><strong><code>› Tracing Internal Call Chains</code></strong></p> <p>I don't just find what a binary does — I trace <em>how</em> it does it. I follow the execution path from user action to network request: which function calls which, what gets passed, how payloads are built, where tokens are attached, and what the final outgoing communication looks like.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Call Chain Tracing Methodology: [1] Identify entry point — user action, timer, event handler [2] Follow call graph in Ghidra / dnSpy / jadx [3] Locate the HTTP client or socket call (the exit point) [4] Trace backwards — what built the request body? [5] What built the headers? What signed the payload? [6] What parameters came from hardcoded values vs. runtime state? [7] Reconstruct: full request format, auth logic, payload schema [8] Reproduce the exact call externally from a Python/Node script </code></pre> </div> <p><strong><code>› Payload &amp; API Structure Recovery</code></strong></p> <p>After tracing the call chain, I reconstruct the full payload format — field names, types, required vs. optional parameters, encoding, signing — and document it as a clean API spec that never existed before.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Reconstructed API call from binary analysis — built from decompiled payload logic </span><span class="kn">import</span> <span class="n">requests</span><span class="p">,</span> <span class="n">hashlib</span><span class="p">,</span> <span class="n">hmac</span><span class="p">,</span> <span class="n">time</span><span class="p">,</span> <span class="n">json</span> <span class="c1"># All of this was recovered from the compiled binary: </span><span class="n">BASE_URL</span> <span class="o">=</span> <span class="sh">"</span><span class="s">https://internal.target.com</span><span class="sh">"</span> <span class="c1"># hardcoded in binary </span><span class="n">API_KEY</span> <span class="o">=</span> <span class="sh">"</span><span class="s">recovered_from_binary_constants</span><span class="sh">"</span> <span class="c1"># extracted from .rodata </span><span class="n">SECRET</span> <span class="o">=</span> <span class="sh">"</span><span class="s">reconstructed_from_decompiled_logic</span><span class="sh">"</span> <span class="c1"># recovered from crypto routine </span> <span class="k">def</span> <span class="nf">sign_payload</span><span class="p">(</span><span class="n">body</span><span class="p">:</span> <span class="nb">dict</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span> <span class="n">raw</span> <span class="o">=</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">body</span><span class="p">,</span> <span class="n">separators</span><span class="o">=</span><span class="p">(</span><span class="sh">'</span><span class="s">,</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">:</span><span class="sh">'</span><span class="p">))</span> <span class="k">return</span> <span class="n">hmac</span><span class="p">.</span><span class="nf">new</span><span class="p">(</span><span class="n">SECRET</span><span class="p">.</span><span class="nf">encode</span><span class="p">(),</span> <span class="n">raw</span><span class="p">.</span><span class="nf">encode</span><span class="p">(),</span> <span class="n">hashlib</span><span class="p">.</span><span class="n">sha256</span><span class="p">).</span><span class="nf">hexdigest</span><span class="p">()</span> <span class="k">def</span> <span class="nf">call_internal_method</span><span class="p">(</span><span class="n">method</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">params</span><span class="p">:</span> <span class="nb">dict</span><span class="p">):</span> <span class="n">body</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">jsonrpc</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">2.0</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">method</span><span class="sh">"</span><span class="p">:</span> <span class="n">method</span><span class="p">,</span> <span class="c1"># method names recovered from string table </span> <span class="sh">"</span><span class="s">params</span><span class="sh">"</span><span class="p">:</span> <span class="n">params</span><span class="p">,</span> <span class="sh">"</span><span class="s">id</span><span class="sh">"</span><span class="p">:</span> <span class="mi">1</span><span class="p">,</span> <span class="sh">"</span><span class="s">ts</span><span class="sh">"</span><span class="p">:</span> <span class="nf">int</span><span class="p">(</span><span class="n">time</span><span class="p">.</span><span class="nf">time</span><span class="p">()),</span> <span class="p">}</span> <span class="n">headers</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">X-Api-Key</span><span class="sh">"</span><span class="p">:</span> <span class="n">API_KEY</span><span class="p">,</span> <span class="sh">"</span><span class="s">X-Signature</span><span class="sh">"</span><span class="p">:</span> <span class="nf">sign_payload</span><span class="p">(</span><span class="n">body</span><span class="p">),</span> <span class="sh">"</span><span class="s">Content-Type</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">application/json</span><span class="sh">"</span><span class="p">,</span> <span class="p">}</span> <span class="k">return</span> <span class="n">requests</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="si">{</span><span class="n">BASE_URL</span><span class="si">}</span><span class="s">/rpc</span><span class="sh">"</span><span class="p">,</span> <span class="n">json</span><span class="o">=</span><span class="n">body</span><span class="p">,</span> <span class="n">headers</span><span class="o">=</span><span class="n">headers</span><span class="p">).</span><span class="nf">json</span><span class="p">()</span> <span class="c1"># Call undocumented internal methods discovered through RE </span><span class="n">result</span> <span class="o">=</span> <span class="nf">call_internal_method</span><span class="p">(</span><span class="sh">"</span><span class="s">user.getPrivateData</span><span class="sh">"</span><span class="p">,</span> <span class="p">{</span><span class="sh">"</span><span class="s">uid</span><span class="sh">"</span><span class="p">:</span> <span class="mi">1337</span><span class="p">})</span> <span class="nf">print</span><span class="p">(</span><span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="n">result</span><span class="p">,</span> <span class="n">indent</span><span class="o">=</span><span class="mi">2</span><span class="p">))</span> </code></pre> </div> <h2> 🌐 <code>API METHOD DISCOVERY</code> </h2> <blockquote> <p>Every application has a public API and a real API. I find the real one.</p> </blockquote> <p>I specialize in discovering undocumented API methods, hidden endpoints, and internal communication interfaces that developers never published. My approach combines static binary analysis, live traffic interception, and JS source reconstruction to build a complete map of what an application can actually do.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Discovery Vectors: ├── Binary String Extraction │ Scan compiled executables for embedded URL paths, method names, │ parameter keys, and internal route strings │ ├── Decompiled Source Mining │ Recover HTTP client call sites from decompiled .NET / Java / JS │ Extract: URL construction logic, header assembly, body serialization │ ├── Live Traffic Interception │ Proxy all application traffic through Burp Suite │ Capture undocumented calls made during normal usage │ Identify hidden parameters sent silently by the client │ ├── Call Chain Reconstruction │ Trace from UI event → internal function → HTTP client → wire │ Understand exactly how each API method is invoked and why │ └── Auth &amp; Signing Reconstruction Recover token generation, HMAC signing, and session logic from decompiled crypto routines and header assembly code </code></pre> </div> <h2> 🕵️ <code>OSINT</code> </h2> <p>Deep passive intelligence gathering. I map targets thoroughly before any active analysis begins — infrastructure, identity, history, and exposure.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>OSINT Stack: ├── Subdomain &amp; DNS amass · subfinder · dnsx · crt.sh ├── Infrastructure shodan · censys · fofa · bgp.he.net ├── Historical Records Wayback Machine · URLScan · CommonCrawl ├── Identity &amp; Accounts maigret · holehe · sherlock └── Leak Intelligence breach correlation, credential mapping </code></pre> </div> <h2> 💻 <code>SIDE CODER</code> </h2> <p>I build the tools I need. When existing tooling doesn't fit the job, I write it — clean, purpose-built, and fast.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FPython-0a0a0f%3Fstyle%3Dfor-the-badge%26logo%3Dpython%26logoColor%3D00A8FF" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FPython-0a0a0f%3Fstyle%3Dfor-the-badge%26logo%3Dpython%26logoColor%3D00A8FF" alt="Python" width="97" height="28"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FNode.js-0a0a0f%3Fstyle%3Dfor-the-badge%26logo%3Dnodedotjs%26logoColor%3D00A8FF" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FNode.js-0a0a0f%3Fstyle%3Dfor-the-badge%26logo%3Dnodedotjs%26logoColor%3D00A8FF" alt="Node.js" width="100" height="28"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FJavaScript-0a0a0f%3Fstyle%3Dfor-the-badge%26logo%3Djavascript%26logoColor%3D00A8FF" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FJavaScript-0a0a0f%3Fstyle%3Dfor-the-badge%26logo%3Djavascript%26logoColor%3D00A8FF" alt="JavaScript" width="126" height="28"></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FBash-0a0a0f%3Fstyle%3Dfor-the-badge%26logo%3Dgnubash%26logoColor%3D00A8FF" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2FBash-0a0a0f%3Fstyle%3Dfor-the-badge%26logo%3Dgnubash%26logoColor%3D00A8FF" alt="Bash" width="79" height="28"></a></p> <p><strong>What I build:</strong> binary analysis scripts, API call reconstructors, payload forgers, OSINT automation pipelines, deobfuscation helpers, traffic parsers, and custom HTTP clients that speak protocols I reverse engineered.</p> <h2> 🛠️ <code>TOOLCHAIN</code> </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Category</th> <th>Tools</th> </tr> </thead> <tbody> <tr> <td><strong>.NET RE</strong></td> <td>dnSpy · ILSpy · dotPeek · de4dot</td> </tr> <tr> <td><strong>Java / JVM RE</strong></td> <td>jadx · Procyon · CFR · JD-GUI</td> </tr> <tr> <td><strong>Native Binary</strong></td> <td>Ghidra · x64dbg · Binary Ninja · Detect-It-Easy</td> </tr> <tr> <td><strong>Python Bytecode</strong></td> <td>pycdc · uncompyle6</td> </tr> <tr> <td><strong>JS Deobfuscation</strong></td> <td>de4js · AST Explorer · Prettier · Chrome DevTools</td> </tr> <tr> <td><strong>Traffic Analysis</strong></td> <td>Burp Suite · Wireshark · mitmproxy · Fiddler</td> </tr> <tr> <td><strong>OSINT</strong></td> <td>amass · shodan · subfinder · maigret · holehe</td> </tr> <tr> <td><strong>Scripting</strong></td> <td>Python 3 · Node.js · Bash</td> </tr> <tr> <td><strong>Platforms</strong></td> <td>Kali Linux · Windows</td> </tr> </tbody> </table></div> <h2> 📊 <code>STATS</code> </h2> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub-readme-stats.vercel.app%2Fapi%3Fusername%3Dy4seen%26show_icons%3Dtrue%26theme%3Ddark%26hide_border%3Dtrue%26title_color%3D00A8FF%26icon_color%3D00A8FF%26text_color%3Dc9d1d9%26bg_color%3D0a0a0f%26ring_color%3D00A8FF%26count_private%3Dtrue" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub-readme-stats.vercel.app%2Fapi%3Fusername%3Dy4seen%26show_icons%3Dtrue%26theme%3Ddark%26hide_border%3Dtrue%26title_color%3D00A8FF%26icon_color%3D00A8FF%26text_color%3Dc9d1d9%26bg_color%3D0a0a0f%26ring_color%3D00A8FF%26count_private%3Dtrue" width="800" height="400"></a><br>   <br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub-readme-stats.vercel.app%2Fapi%2Ftop-langs%2F%3Fusername%3Dy4seen%26layout%3Dcompact%26theme%3Ddark%26hide_border%3Dtrue%26title_color%3D00A8FF%26text_color%3Dc9d1d9%26bg_color%3D0a0a0f%26langs_count%3D6" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub-readme-stats.vercel.app%2Fapi%2Ftop-langs%2F%3Fusername%3Dy4seen%26layout%3Dcompact%26theme%3Ddark%26hide_border%3Dtrue%26title_color%3D00A8FF%26text_color%3Dc9d1d9%26bg_color%3D0a0a0f%26langs_count%3D6" width="800" height="400"></a></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub-readme-streak-stats.herokuapp.com%3Fuser%3Dy4seen%26theme%3Ddark%26hide_border%3Dtrue%26background%3D0a0a0f%26ring%3D00A8FF%26fire%3D00A8FF%26currStreakLabel%3D00A8FF%26sideLabels%3D00A8FF%26dates%3D555555" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fgithub-readme-streak-stats.herokuapp.com%3Fuser%3Dy4seen%26theme%3Ddark%26hide_border%3Dtrue%26background%3D0a0a0f%26ring%3D00A8FF%26fire%3D00A8FF%26currStreakLabel%3D00A8FF%26sideLabels%3D00A8FF%26dates%3D555555" width="495" height="195"></a></p> <h2> 🔭 <code>CURRENTLY</code> </h2> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">current</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">"</span><span class="s">working_on</span><span class="sh">"</span><span class="p">:</span> <span class="p">[</span> <span class="sh">"</span><span class="s">Tracing call chains in compiled desktop software</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">Recovering undocumented API methods from binaries</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">Building automated payload reconstructors in Python</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">OSINT pipeline for passive infrastructure mapping</span><span class="sh">"</span><span class="p">,</span> <span class="p">],</span> <span class="sh">"</span><span class="s">sharpening</span><span class="sh">"</span><span class="p">:</span> <span class="p">[</span> <span class="sh">"</span><span class="s">Deeper native binary analysis — x86/x64 assembly fluency</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">Deobfuscation techniques for advanced packing / protection schemes</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">Writing cleaner, faster automation tooling</span><span class="sh">"</span><span class="p">,</span> <span class="p">],</span> <span class="sh">"</span><span class="s">playing</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Roblox</span><span class="sh">"</span><span class="p">,</span> <span class="p">}</span> </code></pre> </div> <h2> 📡 <code>REACH ME</code> </h2> <p><a href="https://y4seen.lol" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2Fy4seen.lol-0a0a0f%3Fstyle%3Dfor-the-badge%26logo%3Dfirefoxbrowser%26logoColor%3D00A8FF" alt="Website" width="124" height="28"></a><br>  <br> <a href="https://discord.com/users/y4seen" rel="noopener noreferrer"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2Fy4seen.lol-0a0a0f%3Fstyle%3Dfor-the-badge%26logo%3Ddiscord%26logoColor%3D00A8FF" alt="Discord" width="124" height="28"></a><br>  <br> <a href="mailto:y4seen@y4seen.lol"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimg.shields.io%2Fbadge%2Fy4seen%40y4seen.lol-0a0a0f%3Fstyle%3Dfor-the-badge%26logo%3Dprotonmail%26logoColor%3D00A8FF" alt="Email" width="186" height="28"></a></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcapsule-render.vercel.app%2Fapi%3Ftype%3Dwaving%26color%3D0%3A003366%2C50%3A001a33%2C100%3A0a0a0f%26height%3D100%26section%3Dfooter" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcapsule-render.vercel.app%2Fapi%3Ftype%3Dwaving%26color%3D0%3A003366%2C50%3A001a33%2C100%3A0a0a0f%26height%3D100%26section%3Dfooter" width="854" height="100"></a></p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>┌──(y4㉿kali)-[~] └─$ echo "SYSTEM SECURE. SESSION ACTIVE. ANALYSIS ONGOING." SYSTEM SECURE. SESSION ACTIVE. ANALYSIS ONGOING. </code></pre> </div> <p><em>Every compiled binary tells a story. I just speak the language.</em></p> <p><strong>y4seen · y4seen.lol · Reverse Engineer · OSINT · Developer · KSA / India</strong></p> reverse software webdev tutorial