A LITTLE ABOUT ME
Hello. I am a sys admin.a reverse engineer.a security fanatic.an improviser.a music lover.
I live in a small town in California.
I am passionate about problem solving.
I’m highly interested in reverse engineering topics.
WORK HISTORY
2018
System Integration Engineer
DIGITALVAR
I currently work for DIGITALVAR. I create usable Operating System images that are used for mass deployment on various Life Science & Clinical instruments. My daily duties include providing IT support to employees, administrate various servers, documenting procedures for both production and internal operations. Consistently analyzing our work flow and improving where needed to reduce lead times.
2018
Consultant
Fixion | Québec City, Canada
Provide consultation services on how to properly embedded Linux/OpenWrt onto an ongoing, yet-to-be-patented product. Successfully located a previously undiscovered exploit that allows custom software to be loaded on a locked OEM device for development purposes.
2013-18
Customer Service Associate
Walgreens Co.
Receive large quantities of merchandise from vendors and corporate distributors and accurately process under strict time constraints. Supervise Photo Department operations, solely diagnosing and troubleshooting downtime issues including software and hardware/mechanical problems. Assist pharmacy staff when required, accurately and efficiently performing the designated protocols for prescription pick-ups.
CERTIFICATES
2019
Rootkits and Stealth Apps: Creating & Revealing 2.0 HACKING
Udemy
Course created by IT Security Academy and presented by Andrew Harper. IT Security Academy is a company that associates IT Security Professionals.
Topics
- How to create shellcode
- How to inject code
- How to hide processes, files, directories and registry entries
- How to keep a rootkit in a system
- How to create a backdoor
- How to create an invisible keylogger and remote console
- How to make a screenshot
- Creating undetectable applications
- How to deceive Anti-Virus applications
- How to use anti-emulation techniques
- How to bypass a firewall
- How to create a rootkit detector
- How to protect against rootkits
2019
Network Hacking Continued – Intermediate to Advanced
Udemy
Course created and presented by Zaid Al-Quraishi, An ethical hacker, computer scientist, and the founder and CTO of zSecurity.
Topics
- Gain access WPA2 enterprise network using 2 methods.
- Gain access to captive portals (hotels & airport networks) | 3 methods.
- Steal WPA/WPA2 password using evil twin attack.
- Crack WPA/WPA2 faster using GPU.
- Write custom scripts to implement your attack ideas.
- Bypass router-side security & run ARP spoofing attack without raising alarms.
- Unlock WPS on some routers even if its locked
- Disconnect multiple/all clients from their networks without knowing the key
- Bypass MAC filtering (both black and white lists).
- Discover names of hidden networks and connect to them
- Crack more secure WEP implementation when SKA is used.
- Exploit WPS on more secure routers to get the WPA/WPA2 key.
- Understand how WPA/WPA2 enterprise work.
- Understand how a fake access point work and be able to create one manually from scratch
- Generate SSL certificates & use it to support HTTPS on apache2.
- Create a fake captive portal that acts exactly like a normal captive portal.
- Use huge wordlists to crack WPA/WPA2 without taking up disk space.
- Save WPA/WPA2 cracking progress.
- Bypass HTTPS & capture data manually.
- Analyse data flows and build own attacks.
- Run attacks against HTTPS websites.
- Inject Javascript/HTML code in HTTPS pages.
- Create trojans – combine any file (image/pdf) with an evil file.
- Replace files downloaded on the network with trojans.
- Write script to replace downloads with trojans on the fly.
2019
Learn Ethical Hacking From Scratch
Udemy
Course created and presented by Zaid Al-Quraishi, An ethical hacker, computer scientist, and the founder and CTO of zSecurity.
Topics
- Learn what is ethical hacking, its fields and the different types of hackers
- Install hacking lab & needed software (works on Windows, OS X and Linux)
- Hack & secure both WiFi & wired networks
- Discover vulnerabilities & exploit them hack into servers
- Hack secure systems using client-side and social engineering attacks
- Use 30+ hacking tools such as Metasploit, Aircrack-ng, SQLmap…..etc
- Understand how websites work, how to discover and exploit web application vulnerabilities to gain full control over websites
- Secure systems from all the attacks shown
- Install Kali Linux – a penetration testing operating system
- Install windows & vulnerable operating systems as virtual machines for testing
- Learn linux basics
- Learn linux commands and how to interact with the terminal
- Learn Network Penetration Testing
- Network basics & how devices interact inside a network
- A number of practical attacks that can be used without knowing the key to the target network
- Control connections of clients around you without knowing the password.
- Create a fake Wi-Fi network with internet connection & spy on clients
- Gather detailed information about clients and networks like their OS, opened ports …etc.
- Crack WEP/WPA/WPA2 encryptions using a number of methods.
- ARP Spoofing/ARP Poisoning
- Launch Various Man In The Middle attacks.
- Gain access to any account accessed by any client in your network.
- Sniff packets from clients and analyse them to extract important info such as: passwords, cookies, urls, videos, images ..etc.
- Discover open ports, installed services and vulnerabilities on computer systems
- Gain control over computer systems using server side attacks
- Exploit buffer over flows and code execution vulnerabilities to gain control over systems
- Gain control over computer systems using client side attacks
- Gain control over computer systems using fake updates
- Gain control over computer systems by backdooring downloads on the fly
- Create undetectable backdoors
- Backdoor normal programs
- Backdoor any file type such as pictures, pdf’s …etc.
- Gather information about people, such as emails, social media accounts, emails and friends
- Use social engineering to gain full control over target systems
- Send emails from ANY email account without knowing the password for that account
- Read, write download, upload and execute files on compromised systems
- Capture keystrokes on a compromised system
- Use a compromised computer as a pivot to gain access to other computers on the same network
- Understand how websites & web applications work
- Understand how browsers communicate with websites
- Gather sensitive information about websites
- Discover servers, technologies and services used on target website
- Discover emails and sensitive data associated with a specific website
- Find all subdomains associated with a website
- Discover unpublished directories and files associated with a target website
- Find all websites hosted on the same server as the target website
- Exploit file upload vulnerabilities & gain full control over the target website
- Discover, exploit and fix code execution vulnerabilities
- Discover, exploit & fix local file inclusion vulnerabilities
- Discover, fix, and exploit SQL injection vulnerabilities
- Bypass login forms and login as admin using SQL injections
- Writing SQL queries to find databases, tables and sensitive data such as usernames and passwords using SQL injections
- Read / Write files to the server using SQL injections
- Learn the right way to write SQL queries to prevent SQL injections
- Discover reflected XSS vulnerabilities
- Discover Stored XSS vulnerabilities
- Hook victims to BeEF using XSS vulnerabilities
- Fix XSS vulnerabilities & protect yourself from them as a user
