I’m a fourth year undergraduate student at the University of Houston and an offensive security consultant passionate about red teaming, malware development, and creating open-source security tooling.
Professionally, I’ve worked with consulting teams on network, web application, and hardware security assessments including source code and host configuration reviews. I’ve also assisted with writing job scopes and compiling comprehensive engagement reports for a variety of target audiences ranging from highly technical engineers to senior leadership.
I mostly spend my spare time completing security-focused courseware, writing blog posts on my experiences, building and breaking my home lab networks, and researching vulnerabilities in Bluetooth low energy (BLE) devices as well as embedded devices such as smart locks, routers, cameras, and smart home hubs.
Here are some tools I'm actively developing to share with the security community! Check out my GitHub to see my past work.
Remote C++ Keylogger for Windows
PoC Code for Vulnerabilities Found in MEGAFEIS Smart Locks & their Mobile Companion App: DBD+
Multi-Type Hash Cracking Tool
Authentication Bruteforcing Tool for Network Services
Repeatable Attack Infrastructure for Enterprise Red Teams using IaC
C++ Implementation of the Substitution Cipher
Megafeis-palm: Exploiting Vulnerabilities to Open Bluetooth SmartLocks WithSecure Intern Research 2022
Abdullah Ansari
While interning at WithSecure, my mentor tasked me with producing professional, client-grade engagement deliverables for a mock web application assessment. I have included them below for your viewing. Enjoy!
Note: Client/application information has been redacted and anonymized with my dummy security company (SSG) and a fake client (Dunder Mifflin) to protect the privacy of WithSecure's internal training scenarios.