Security engineer and full-stack developer operating from Algeria. I build systems that are powerful by design and bulletproof by necessity — from web platforms to red team operations.
NAILI is the practice of Marwan Naili — a self-built security engineer and developer who forged his skills through years of real-world problem-solving, underground community experience, and an uncompromising drive for mastery.
Based in Algeria and operating without borders, NAILI delivers elite-grade cybersecurity consulting, custom software engineering, and AI automation solutions to clients who demand excellence over mediocrity.
"I don't just write code. I architect solutions that think like an attacker, perform like a machine, and scale like a business."
Whether you need a penetration test that actually finds what others miss, a web platform built for scale and security, or an AI agent that runs itself — NAILI is the operative you want on your side.
End-to-end digital engineering and security solutions — delivered with precision, built to last.
Full-scope offensive security operations — web apps, network infrastructure, OSINT, and social engineering. Real threat simulation, not checkbox compliance.
Full-stack web platforms engineered for performance, security, and scalability. Custom backends, clean frontends, production-ready from day one.
Scripts, bots, automation pipelines, and data processing systems. If it's repetitive, we make it autonomous. Expert-level Python, clean code guaranteed.
Custom autonomous AI agent systems — multi-agent orchestration, LLM integration, tool use pipelines, and intelligent automation frameworks built for real deployments.
Architecture review, vulnerability assessment, and security consulting for startups and SMEs. Identify weaknesses before attackers do. Clear reports, actionable fixes.
Robust backend systems, API design, database architecture, and cloud deployment. Serverless, containerized, or bare-metal — the right tool for your architecture.
Years of hands-on expertise across development, security, and infrastructure.
Real systems. Real complexity. Built from zero to production.
A full autonomous multi-agent orchestration platform built on Flask, featuring persistent subagent management, real-time SSE log streaming, API key rotation between Groq and NVIDIA, SQLite state persistence, and a Telegram admin panel — all in a minimal single-process architecture.
An agentic penetration testing platform orchestrated by a Flask backend deployed on Railway. Features rotating free Gemini API keys for LLM-driven recon and analysis, a dedicated toolbox container, SQLite target tracking, and streamed operation logs. Designed to automate the reconnaissance and vulnerability enumeration pipeline.
A zero-knowledge dead man's switch with AES-256-GCM encryption, Argon2id key derivation, and Shamir's Secret Sharing for anonymous, fault-tolerant data delivery. Designed for whistleblowers, journalists, and privacy-critical use cases. One-time payment model. No logs, no identity.
A production web platform with an integrated AI execution layer — Flask backend, plain HTML/CSS/JS frontend, Paiza.io-powered remote code execution, and plugin API connectors. Built for real-world deployment on free-tier infrastructure without compromise on performance or reliability.
Ready to secure your systems, build your platform, or architect something new? Reach out — response within 24 hours.