Education:
- PhD, research was on a new Port Knocking Technique called Tariq. (Scapy)
- MS, research was on Software Maintenance using a new Plugin Engine technique. (Visual C++)
- BS, research was on a new Form Shape Designer and an MP3 Player with Robotic Effects. (Visual C++)
Current Job:
- I am currently working as a University Assistant Professor for the Dept. of Computer Science.
- Consultant and Instructor for ArabNIX (Freelance). I do consultation related to security and infrastructure deployment. Also, I’m the main Instructor for ArabNIX’s Information Security and Linux Training Courses.
Publications (Books, Papers, Courses, Whitepapers):
- Hey there, I’m not Dead Yet “Port Knocking” !!!, Hakin9 Magazine, October 2013
- Author for the Hacking Techniques and Intrusion Detection course: HTID
- A Hybrid Port-Knocking Technique for Host Authentication Chapter in the IT Policy and Ethics: Concepts, Methodologies, Tools, and Applications Book. Publisher: IGI-Global, February 2013
- Network Security Chapter in the Simulation in Computer Network Design and Modeling: Use and Analysis Book. Publisher: IGI-Global, February 2012
- The Bug Story, Hakin9 Magazine, September 2011
- Security by Hiding!, Hakin9 Magazine, August 2011
- Mummies Still Walk Among Us!, Hakin9 Magazine, July 2011
- A Hole in your Access Control, Hakin9 Magazine, June 2011
- Securing Public Services using Tariq, Hakin9 Magazine, May 2010
- Network Security using Hybrid Port Knocking, International Journal of Computer Science and Network Security (IJCSNS), August 2010
Certificates:
- Certified EC-Council Instructor, (CEI)
- Computer Hacking Forensics Investigator, (CHFIv8)
- Offensive Security Certified Professional, (OSCP)
- EC-Council Certified Security Analyst, (ECSA)
- Certified Ethical Hacker, (C|EH)
- IBM Certified Specialist – System p Administration, UNIX AIX System
- IBM Certified Deployment Professional – Tivoli Storage Manager V5.3
- Novell Data Center Advanced Technical Specialist Certification (DCATS)
- Novell Data Center Technical Specialist Certification (DCTS)
- Certified Novell Instructor (CNI)
- Novell Certified Linux Administrator 10 (CLA10)
- Novell Certified Linux Desktop Administrator (CLDA)
- IBM DB2 under Linux
- Novell Linux Technical Specialist
- Novell Certified Linux Professional 10 (CLP10)
- Red Hat Certified Engineer (RHCE)
- HP ProCurve Networking
Training Courses Taken:
- OpenStack Bootcamp, Mirantis
- SourceFire Security Education Program – Snort IDS/IPS Technology v2.8
- Project Management
- Business Continuity & Disaster Recovery
- Solaris™ 9 Operating Environment – 6 Months Track
- Cisco Networking Academy Program, CCNA – 3 Months Track
Technical Profile (old and not updated!):
- Operating Systems
Linux (Red Hat, CentOS, Fedora, Debian, Ubuntu)
Unix IBM AIX, and Unix Sun Solaris
Microsoft Win2K, Win2003, Win2008, WinXP, Vista, and Windows7
- Hardware
Intel Based x86/x86-64 Servers (HP/Dell), IBM Power Servers, Sun SPARC Servers
- Development
Shell Scripting, Python, C/C++, Java, Pascal/Delphi, Assembly (Linux/Windows), PHP, and HTML
- DBMS
MySQL, PostgreSQL, MSSQL, IBM DB2, and SQLite
- Network Services
Installing, Configuring, Hardening, and Tuning any of the following services:
DHCP, DNS (BIND), Apache, Tomcat, Subversion (SVN), SMB/CIFS, NFS, SSH, openLDAP, NIS, NTP, Squid, FTP, Sendmail, Postfix, Exim, IPTables, openVPN, Microsoft ISA, Active Directory, and Web Hosting (WHM/CPanel Web Hosting Control Panel, Plesk, and WHMCS).
- Virtualization Hypervisor
VMware WorkStation, VMware Server, Xen, XenServer, Virtuozzo, OpenVZ and VirtualBox.
- Infosec, Digital Forensics, and Malware Analysis
– Linux Kernel Patching, Compilation, Tuning, and Hardening.
– Linux System Integrity, Data and Filesystem Encryption.
– Hardening and Auditing Linux Services, Web Applications, and Firewalls.
– Install, configure, and maintain IDS/IPS (Snort, OSSEC, etc) systems.
– Install, configure, and maintain network security devices (Firewalls, VPN concentrators, routers, Internet Gateways, and content filtering systems).
– Vulnerability Assessment and Patch Management (NeXpose, Nessus, SAINT Exploit, GFI LanGuard, Shavlik, MBSA, etc).
– Exploit Development and Analysis (Spike, Ollydbg, Immunity Debugger, GNU Debugger (gdb), IDA Pro, etc).
– Doing both Static and Dynamic Malware Analysis (Ollydbg, Immunity Debugger, IDA Pro, Sysinternals Suite, etc).
– Penetration Testing using Metasploit Framework, Nmap, Maltego, etc.
– Perform Network Security Auditing using Scapy.
– Investigate network attacks and Traffic Analysis (Security Onion, tcpdump, Wireshark, Xplico, Snort, NetworkMiner, NetWitness Investigator, NetSniff-NG, TCPFlow, tcptrack, tcpreplay, etc).
– Memory and Data Acquisition (Memoryze, DumpIt, FastDump, FTK Imager, dcfldd, dd, etc).
– Retrieve and Analyze Data from a Suspect’s Computer (The Sleuth Kit (TSK), Autopsy, Forensic Toolkit (FTK), Digital Forensics Framework (DFF), ProDiscover, Foremost, Scalpel, MFTAnalyzer, Hex Workshop, Sysinternals Suite, P2 eXplorer, Dependency Walker, Windows File Analyzer, RegShot, RegRipper, different EXIF Viewers, etc).
– Windows Memory Forensics using Volatility
– Event and Log monitoring (Splunk, Syslog, Ntop, Nagios, munin, EventLog Analyzer, etc).
– Writing Different Security Tools using Python
– Implement and Enforce Security Policies and Procedures (PCI Compliance, etc).
– Develop and maintain Business Continuity and Disaster Recovery plans.
To Achieve List (Challenges):
- EnCase Certified Examiner, referred to as EnCE. Currently in progress!
- Offensive Security Certified Expert, referred to as OSCE.
- Wireshark Certified Network Analyst, referred to as WCNA.
Contribution:
- Hacking Techniques and Intrusion Detection Course – Author.
- Linux Arab Community Co-Founder, and webmaster.
- Security for Arabs Community Co-Founder, and webmaster.
- Hakin9 Magazine – Author.
Standards:
- PCI Compliance – PCI Security Standards Council.
- Open Source Security Testing Methodology Manual – OSSTMM3.
Scientific Hobbies:
- A computer addict, who just can’t leave his desk.
- Reading about Digital Forensics, Incident Response, Malware & Network Traffic Analysis, Social Engineering, and Writing Simple Python Tools.
Sports:
- Trained Kickboxing for more than two years under the coach Omar Enayah (Holds Blackbelts in the following: Kickboxing “5”, Muay Thai “1”, Jiu-Jitsu “1”, Seylat “1”, Arabic Sword Fighter, and Qoowat Al-Rami “5 Qabtha”),
- Left training for around two years, then got back to work, but as a Muay Thai and Brazilian Jiu-Jitsu practitioner, under the same coach Omar Enayah,
- A big fan of MMA and combat competitions (UFC, K-1, Strikeforce, DREAM, PRIDE),
- Best fighter of all time: Fedor Emelianenko (MMA)
- Also a fan of other fighters: Anderson Silva, Frankie Edgar, Carlos Condit, Renan Barão (all MMA) and Badr Hari (K-1),
- Favourite fighting style is: Muay Thai,
- Might be the biggest Real Madrid Football Club fan in the Middle East!
- Used to represent my University in Billiard competitions.
Social Activities:
- Meeting new friends.
- My Twitter [email protected].
- I love a Majestic Palm Tree … it means a lot to me.