Experiences

Cyber Security Analyst

  • Spearheaded the development of the first-ever cutting-edge compliance tool, leveraging the NIA Policy Standard 2.1 Qatar. The tool measures compliance for SMEs nationwide, resulting in an impressive 80% increase in compliance rates for clients.

  • Led a team of four cybersecurity professionals in creating a post-attack assessment system using machine learning models. This system proved to be 40% more effective than competing solutions in the market at detecting previously undetected attacks.

  • Played a pivotal role in the creation of SnipeX, a cutting-edge payload generation and mutation tool, within Cytomate’s cybersecurity solutions. This initiative empowered professionals to customize and generate tailored payloads, fortifying Breach and Attack Simulation (BAS) solutions. Additionally, spearheaded the implementation of SnipeX as an advanced adversarial machine learning tool to strengthen website security, evaluating firewall efficacy and providing crucial insights against evolving cyber threats.

  • Played a key role in an attack surface management project, aimed at timely detection, prevention, and containment of critical assets and information. The project is slated for implementation across multiple clients.

  • Led a phishing awareness project, devising various exploits to simulate email theft and account hijacking. Developed a machine learning-based tool that reduced password harvesting attacks by over 80% compared to previous statistics.

  • Led the development and deployment of an advanced cyber deception system (Sarab), resulting in a remarkable 70% decrease in successful attacks on client networks.

  • Conducted in-depth log analysis using advanced machine learning models to uncover hidden malicious patterns and identify threats in their early stages. This initiative strengthened the overall security posture and reduced the detection time for attacks by 70%.

  • Implemented network protection technologies, including IDS/IPS and firewalls, and seamlessly integrated them with various SIEM solutions such as QRadar, Wazuh, and Splunk. Developed a post-attack assessment system, reducing attack detection time by 60%. Successfully enhanced endpoint visibility and cybersecurity measures by integrating IDS/IPS technology with QRadar and Wazuh, leading to a notable 50% reduction in successful attacks on client networks.

  • Collaborated effectively with cross-functional teams on multiple cybersecurity projects, demonstrating excellent communication and teamwork skills.

Cyber Security Researcher

  • Contributed to advanced cybersecurity projects aimed at luring attackers away from real organizational assets by deploying decoy-based deception systems.

  • Profiled threat actors based on their malicious intents and level of severity for any firm.

  • Investigated adversaries’ collaborative efforts to launch attacks.

  • Developed models with advanced capabilities for classifying web attacks using machine learning.

Intern

  • Completed research, compiled data, updated spreadsheets and produced timely reports.

  • Developed and maintained relationships with key internal stakeholders.

  • Maintained accurate records and documentation of projects to inform stakeholders of progress and updates.

  • Optimized the Google knowledge panel and developed a chat application.

  • Wrote technical documents related to software development and deployment.

Personal Projects

  • Email Hunter: developed an innovative self-destructive email stealer that can extract emails from a victim’s computer, send them back to the request originator, and remove its footprints to avoid backtracking.

  • Email Verifier: created an API that lets you verify whether an email exists or not. It was purposed to deal with scenarios where you don’t have information about company emails, craft them at runtime, and then want to test their existence.

  • Attacker Profile: after deploying decoys, created a comprehensive attacker profile to allow victim firms to learn about the foe and act quickly to deter such threat actors from returning.

  • Phishing Detector: a tool that determines if a received email is genuine or a phishing attempt and identifies the true sender by analyzing the email header and revealing the faked address.

  • Email Header Analyzer: created a Python script based on Selenium that quickly and easily analyses the header of any email.

  • Cyber Deception Threat Intelligence: deployed different interactive honeypots to attract attackers to abuse them and later analyzed that data to extract actionable insights for an organization to take mitigation actions.

  • IP Footprints: created a Python tool that examines an IP address to find its location and source organization and determines whether it is a normal IP or a bad one. It also checks whether it belongs to a real person or a bot.

  • Binary Footprinting: to uncover collaborative efforts by attackers, I have designed a solution that can easily discover how many and which attackers are working in coordination against an organization by analyzing the malicious payloads dropped by them.

  • Machine Learning-enabled WAF: developed an ML model that classifies web attacks into different classes, such as SQLi, XSS, LFI, Command Injection, etc., in an autonomous manner.

  • LinkedIn Scraping: created a Python-based scraper to extract important information about a company’s employees to start cybersecurity campaigns.

  • Multi Encoder: constructed an encoder that can encode web payloads using eleven different schemes and helps malicious payloads bypass Web Application Firewalls.

  • Sandboxing: created a Python tool to automatically submit the collected payloads to the Cuckoo sandbox, download reports after successful analysis, and extract useful payload attributes from those reports.

  • VPN Detection: automated the process of VPN detection using various open-source tools to detect whether an attacker is using a VPN or not.

  • Forensics: used various tools for the forensics of audio tracks, images, documents, and emails to find hidden information, get contents from password-protected files, and share secret data by hiding it in various file formats.

  • Data Visualizations: created graphical representations after extracting threat intelligence from honeypot and firewall logs for executives to determine the system state and the effectiveness of the approach.

  • IP2Country: developed an API with the capability of getting the verified origin of an attacker from their IP address.

  • Text2Image: as part of detecting vulnerabilities in an application project’s source, I wrote a Python script to convert text data to images.