Hi, I'm Abdullah! Student & Offensive Security Consultant

I’m a fourth year undergraduate student at the University of Houston and an offensive security consultant passionate about red teaming, malware development, and creating open-source security tooling.

Professionally, I’ve worked with consulting teams on network, web application, and hardware security assessments including source code and host configuration reviews. I’ve also assisted with writing job scopes and compiling comprehensive engagement reports for a variety of target audiences ranging from highly technical engineers to senior leadership.

I mostly spend my spare time completing security-focused courseware, writing blog posts on my experiences, building and breaking my home lab networks, and researching vulnerabilities in Bluetooth low energy (BLE) devices as well as embedded devices such as smart locks, routers, cameras, and smart home hubs.

Notable Projects

Here are some tools I'm actively developing to share with the security community! Check out my GitHub to see my past work.

peeping-tom

Remote C++ Keylogger for Windows

megafeis-palm

PoC Code for Vulnerabilities Found in MEGAFEIS Smart Locks & their Mobile Companion App: DBD+

hashish

Multi-Type Hash Cracking Tool

brutus

Authentication Bruteforcing Tool for Network Services

infrared (developing)

Repeatable Attack Infrastructure for Enterprise Red Teams using IaC

substitution-cipher

C++ Implementation of the Substitution Cipher

Research Publications

Megafeis-palm: Exploiting Vulnerabilities to Open Bluetooth SmartLocks WithSecure Intern Research 2022

Abdullah Ansari

Writing & Presentation Samples

While interning at WithSecure, my mentor tasked me with producing professional, client-grade engagement deliverables for a mock web application assessment. I have included them below for your viewing. Enjoy!

Note: Client/application information has been redacted and anonymized with my dummy security company (SSG) and a fake client (Dunder Mifflin) to protect the privacy of WithSecure's internal training scenarios.