Education

Courses

  1. Information Security (University, 2024–2024)
    CYS-204. Understanding and mastering various aspects of Information security.

  2. Application of information and communication technologies (University, 2023–2023)
    CS181. Mastering the fundamentals of cybersecurity and staying updated on technological advancements.

  3. Secure Software Development (University, 2023–2023)
    CY4001. Learning the art of building secure and robust software.

Degrees

  1. Master of Science in Information Security (2022) – (from COMSATS University Islamabad, Islamabad, Pakistan)
    In this degree, I researched, evaluated, and developed cybersecurity products and tools, learned about threat monitoring, avoiding, and elimination, created automated tools to increase the effectiveness of deception setup, and became familiar with new technologies. (link).

  2. Bachelor of Science in Information Technology (2019) – (from Quaid-i-Azam University, Islamabad, Pakistan)
    This degree turned my passion for technology into a future-focused career. Its hands-on, industry-based skills prepared me for an exciting future in a constantly evolving cyber industry. (link).

Master’s Thesis

  1. Azhar Ghafoor, Dr. Masoom Alam (2022) – (in Cyber Deception)
    Measuring The Effectiveness Of Geotagging In Cyber Deception (link).

Courses & Certifications

  1. ISO 9001 QUALITY MANAGEMENT SKILLFRONT SYSTEMS ASSOCIATE from SkillFront (2023).

  2. Foundations of Cybersecurity from Google, Coursera (2021).

  3. Foundation Level Threat intelligence Analyst from arcX (2023).

  4. ISO/IEC 27001 Information Security Associate from SkillFront (2023).

  5. Intro to DFIR-The Divide and Conquer Process from Cyber Triage (2023).

  6. Phishing Email Analysis from LetsDefend (2023).

  7. Ethical Hacking Essentials (EHE) from EC-Council (2023).

  8. Microsoft Security, Compliance, and Identity Fundamentals - Describe the concepts of security, compliance, and identity from Microsoft (2023).

  9. Microsoft PowerPoint assessment from Linkedin (2022).

  10. HCIA Security from Huawei (2021).

  11. Certified Ethical Hacker(CEH) from PFTP (2022).

Cyber Security Writings

  1. Installing a Virtual Machine (VMDK) on VMware Workstation (2023) – on Medium
    Creating a Workstation virtual machine using existing VMDK virtual disks. (link).

  2. Effective Subdomain Crawling using Python (2023) – on Medium
    Demonstrates practical steps in creating a Python-based tool for reconnaissance to identify all subdomains of a specified domain. (link).

  3. Effective Subdomain Crawling using Python (2023) – on Medium
    Demonstrates practical steps in creating a Python-based tool for reconnaissance to identify all subdomains of a specified domain. (link).

  4. Deception Systems— An Innovative Honeyed Setup to Catch Adversaries (2022) – on Medium
    A geotagging-enabled deception system to increase the number of attackers and attacks by challenging attackers’ skills and by motivating them to come up with new and advanced techniques to bypass decoyed security barriers to seize critical (honeyed) documents, ultimately helping us to understand those new attacks. (link).

  5. Email Stealer — How Hackers Steal Emails from Outlook (2022) – on Medium
    Stealing all emails from the victim’s machine without leaving any footprints of the attack. (link).

  6. Extraction of Emails & Header Information from Outlook to Detect Phishing Attacks (2022) – on Medium
    Illustrates practical steps for extracting crucial data from email headers to uncover the actual address of the attacker behind a phishing email. (link).

  7. A Practical Approach to Phishing Detection Using Email Header (2022) – on Medium
    Emphasizes the importance of learning to analyze email headers to identify phishing emails and enhance cybersecurity. By examining metadata, users can unveil the true origins of emails, distinguishing between legitimate communication and potential phishing attempts. Key flags to check include the sender’s domain, authentication status, and Received headers for irregularities. Acquiring this skill is crucial in recognizing and mitigating phishing scams, fostering a heightened awareness of cybersecurity threats. (link).

Hands-On Cybercraft

  1. Shellshock Vulnerability Guide (2023) – on Google Drive
    Shellshock vulnerability is a critical security flaw in Bash, a widely-used Unix shell. It allows attackers to execute arbitrary commands on a targeted system, posing a significant threat. To better understand and strengthen your cybersecurity skills, I have created a concise guide on practicing the Shellshock vulnerability. Dive into this resource for hands-on experience and step-by-step instructions on how to simulate and mitigate Shellshock attacks. Explore, learn, and feel free to reach out with any questions. Let’s elevate our understanding of cybersecurity together! (link).

  2. Steganography Guide (2023) – on Google Drive
    Steganography, the art of covert data concealment, is a captivating facet of cybersecurity. Explore my concise guide on steganography, its significance, and tools like OpenStego and steghide for hiding data in files, especially images. The guide includes quick steps on examining files for concealed information. This resource aims to swiftly elevate your understanding of steganography. Dive in, discover, and reach out with any questions. Let’s unravel the secrets together! (link).

  3. Session Hijacking with DVWA and Burp Suite (2023) – on Google Drive
    Interested in understanding session hijacking? I have crafted a guide on ethical learning, focusing on session hijacking using DVWA and Burp Suite. Learn the ins and outs of session hijacking, from concept to practice, all within an ethical framework. This hands-on tutorial provides step-by-step instructions for practicing session hijacking on DVWA using Burp Suite. Feel free to explore the guide, follow the ethical steps, and reach out if you have any questions. Let’s delve into ethical learning together! (link).

  4. Social Engineering Toolkit (SET) in Kali Linux (2023) – on Google Drive
    Unlock the power of Nmap with my concise guide! Learn to scan systems with hostnames and IP addresses, gather detailed target information, and scan multiple hosts simultaneously. Explore subnet and IP range scanning, master OS detection, and trace routes for efficient reconnaissance. Uncover techniques to detect firewalls, check live hosts, and retrieve service version details. Plus, delve into the art of performing stealthy scans for discreet exploration. This resource is designed to quickly enhance your network scanning skills. Dive in, follow the steps, and let’s navigate Nmap together! (link).

  5. Ethical Password Cracking for Windows (2023) – on Google Drive
    I have created a guide on ethical password cracking for Windows, emphasizing responsible practices to enhance security. This resource walks you through ethical methods to test and strengthen password protection. Explore the guide to gain insights into ethical password cracking techniques, fostering a secure digital environment. (link).

  6. Firewall Configuration in Linux (2023) – on Google Drive
    I have compiled a comprehensive guide on firewalls, covering what they are and providing step-by-step instructions on setting up different rules in Linux. This resource is designed to demystify firewall configurations, making it easier to fortify your system security. Dive in, explore the content, and feel free to reach out if you have any questions. Let’s enhance our knowledge together! (link).

  7. DNS Spoofing Lab Manual (2023) – on Google Drive
    I have authored a lab manual on DNS spoofing attacks, offering a hands-on guide on performing them using Kali Linux. Explore this resource to understand the nuances of DNS spoofing and fortify your cybersecurity skills. Feel free to delve into the manual, try out the scenarios, and reach out if you have any questions. (link).

  8. DHCP Basics and Attacks in Kali Linux (2023) – on Google Drive
    I have created a concise manual on DHCP, covering the basics, associated attacks, and step-by-step execution in Kali Linux. Perfect for boosting your cybersecurity skills. Dive in, explore, and feel free to reach out with questions. Let’s learn together! (link).

  9. Google Cloud and Wazuh SIEM Exploration (2023) – on LinkedIn
    Cybersecurity is more crucial than ever, and I have been working on something valuable to enhance our skills in this space. I have explored Google Cloud and Wazuh SIEM to delve into threat hunting, aiming to empower others in the field. I have successfully integrated Snort IDS to detect potential threats, offering detailed insights through Wazuh. I am excited to share this journey and help others develop their cybersecurity skills! Reach out for any questions or feedback—let’s learn together! This comprehensive guide is available on my LinkedIn profile. Feel free to explore and recreate the practice scenarios to enhance your skills. (link).

  10. Splunk SIEM Guide (2023) – on LinkedIn
    I have crafted an exceptional, easy-to-follow, step-by-step practical hands-on manual for cybersecurity enthusiasts eager to practice an SIEM solution, particularly Splunk SIEM. This comprehensive guide on setup, importance, and usage is available on my LinkedIn profile. Feel free to explore and recreate the practice scenarios to enhance your skills. (link).