I’m a Red Team Consultant at Google and a Cybersecurity Master’s student at NYU, passionate about adversary simulation, malware development, and physical/social engineering operations.
Professionally, I lead assumed breach engagements, design custom phishing campaigns, and conduct physical security assessments of enterprise facilities. I also develop custom security tools, research covert C2 channels, and regularly present critical risks and remediation strategies directly to CISOs and executive leadership.
I hold industry-recognized certifications including Certified Red Team Operator (CRTO), Certified Red Team Lead (CRTL), CompTIA Security+, and VHL Advanced+ (with OSCP currently in progress). Additionally, I have completed advanced offensive training programs such as MalDev Academy, Windows Internals, Offensive Azure, and Evilginx Mastery.
In my spare time, I conduct independent cybersecurity research, build and evaluate autonomous red teaming agents (see RedAI Paper), and analyze vulnerabilities in Bluetooth Low Energy (BLE) and embedded devices.
Here are some tools I'm actively developing to share with the security community! Check out my GitHub to see my past work.
Autonomous Red Teaming Agent combining abliteration and SFT trajectory alignment to navigate complex firewalled Active Directory environments.
Remote C++ Keylogger for Windows
PoC Code for Vulnerabilities Found in MEGAFEIS Smart Locks & their Mobile Companion App: DBD+
Multi-Type Hash Cracking Tool
Authentication Bruteforcing Tool for Network Services
C++ Implementation of the Substitution Cipher
Mechanistic Abliteration and SFT Trajectory Alignment for Autonomous Red Team Agents Independent Research (July 2026)
Abdullah Ansari
Megafeis-palm: Exploiting Vulnerabilities to Open Bluetooth SmartLocks WithSecure Intern Research (2022)
Abdullah Ansari
While interning at WithSecure, my mentor tasked me with producing professional, client-grade engagement deliverables for a mock web application assessment. I have included them below for your viewing. Enjoy!
Note: Client/application information has been redacted and anonymized with my dummy security company (SSG) and a fake client (Dunder Mifflin) to protect the privacy of WithSecure's internal training scenarios.