SELECT_ENGAGEMENTS · SENIOR_LEVEL_ONLY

Hard data problems.
Solved properly.

Anti-bot architecture, data pipeline design, and Node.js/TypeScript systems — built from production experience, not tutorials. If your problem involves getting reliable structured data from systems that resist it, that's the specific work done here.

Evidence_Of_Work

50+ concurrent crawler campaigns across 5+ EU markets

Mobile API extraction from APKs with certificate pinning and tamper detection

Anti-bot framework defeating Cloudflare, DataDome, PerimeterX

Production PostgreSQL pipelines — millions of records, zero data loss events

Solo engineer on two live products (Al Bayrouni + APEX) from architecture to deploy

Private security research: ARES, NYX, STYX, SIGINT, HERMES, PHOBOS, PROTEUS

What I Build.

ANTI_BOT · CRAWL_ARCHITECTURE

Getting data from systems that resist it.

Cloudflare, DataDome, PerimeterX, Akamai — the standard evasion playbook loses because you're always reacting to signals the defender defined. The approach here exits that game entirely.

TLS fingerprint engineering (JA3/JA4, BoringSSL ClientHello), HTTP/2 frame ordering, behavioral timing with human physics, session aging from cold to trusted, proxy orchestration with health tracking. Not individual tricks — a layered architecture where each layer addresses a different detection surface.

Built on real production work: 50+ concurrent crawler campaigns across 5+ EU markets, food delivery, automotive, custom client pipelines. APEX is the live system; engagements apply the same architecture to your specific target.

Anti-bot framework case study →

Deliverables

  • Anti-bot bypass architecture (Cloudflare, DataDome, PerimeterX, custom)
  • TLS fingerprint matching + JA3/JA4 engineering
  • Behavioral timing models (human inter-event distributions)
  • Session aging strategy + proxy mesh design
  • Rate limit characterization + sustainable cadence modeling
  • Mobile API extraction (APK → decompile → dynamic instrumentation → crawler)

DATA_PIPELINES · POSTGRESQL

Extract, normalize, deduplicate, deliver.

Raw crawl output is not data. Turning hostile web surfaces into clean, queryable, deduplicated records that downstream systems can trust — that's the actual work.

PostgreSQL change-tracking stores with canonical deduplication. Campaign state machines (PENDING → RUNNING → PAUSED → COMPLETE → ERROR) with advisory locks and full crash recovery. Raw HTML archived to S3. Normalized records into a unified schema with currency conversion, deduplication by canonical identifier, and structured output for any consumer.

Orchestration via SQS, workers on ECS, GUI-based selector tool so non-engineers can configure new markets without code changes.

Large-scale crawling architecture →

Deliverables

  • PostgreSQL schema design for crawl data + change tracking
  • Deduplication strategy (canonical ID, field-level delta tracking)
  • Campaign state machine with crash recovery + no-data-loss guarantees
  • AWS infrastructure (ECS, SQS, S3, RDS, CloudFront) — Terraform-managed
  • Normalization pipeline: heterogeneous sources → unified schema
  • Weekly competitive intelligence delivery pipelines

NODE_JS · TYPESCRIPT · SYSTEMS

Production-grade backend systems.

Nine years of Node.js/TypeScript, architecture-first. NestJS monorepos, Next.js full-stack, Docker multi-stage builds, GitHub Actions CI/CD, Cloudflare Workers edge functions.

The work spans the full stack when needed — NestJS APIs with PostgreSQL, Stripe integration, Resend email flows, Cloudflare Pages deployment, wrangler configuration — but the core is backend systems design. Modular, typed, tested at the boundary, deployable in under 5 minutes.

Two live products built solo: Al Bayrouni (NestJS + Next.js + PostgreSQL + Stripe) and rahmounidev.com (Next.js 15 on Cloudflare Pages). Both in production.

Deliverables

  • NestJS API design — modules, guards, interceptors, pipes
  • Next.js 15 App Router (React 19, edge runtime, server components)
  • PostgreSQL schema design + query optimization
  • Stripe integration (checkout, webhooks, invoice flows)
  • Docker + GitHub Actions CI/CD pipelines
  • Cloudflare Pages / Workers deployment

How It Works.

01

Scoped Problem

Every engagement starts with the specific problem — not a service package. What data do you need, from where, at what frequency, into what system.

02

Fixed Scope

Work is scoped before it starts. Deliverables, timeline, and output format are defined upfront. No open-ended retainers, no scope creep by default.

03

Senior Only

No team, no handoffs. Every line of architecture and code is direct work. Engagements are selective — the problem needs to be interesting enough to do well.

04

Contact for Rates

Rates depend on scope, complexity, and timeline. Reach out with the problem first. If it's a fit, a scoping call follows.

PRIVATE_RESEARCH

Offensive security research.

Ongoing private research across ARES, NYX, STYX, SIGINT, HERMES, PHOBOS, and PROTEUS. This is depth-building, not a service currently offered. The knowledge informs the crawl and data engineering work — anti-bot evasion and C2 beacon evasion share the same primitives. Documented as it develops on Al Bayrouni.

START_HERE

Got a data problem?

Describe the problem — what you need, from where, what the target looks like, and what you want on the other end. No commitment, no pitch. If it's a fit, a scoping call follows.

INITIALIZE_CONTACT

RAHMOUNIDEV · SELECT_ENGAGEMENTS

© 2026