We can organize an interview with Aldin or any of our 25,000 available candidates within 48 hours. How would you like to proceed?
Schedule Interview NowMy name is Mohamed Aziz S. and I have over 4 years of experience in the tech industry. I specialize in the following technologies: Penetration Testing, Vulnerability Assessment, Digital Forensics, Encryption, Python, etc.. I hold a degree in Engineer's degree, Bachelor of Science in Information Technology. Some of the notable projects I’ve worked on include: Malware resistance Analysis and Classification Using Deep learning, WordPress Penetration/Malware Removal Backdoors, Penetration Testing Web Application Report, Source Code Disclosure Vulnerability (Access to payment logs database), DLP tool using the ld_preload for Linux. I am based in Tunis, Tunisia. I've successfully completed 5 projects while developing at Softaims.
I thrive on project diversity, possessing the adaptability to seamlessly transition between different technical stacks, industries, and team structures. This wide-ranging experience allows me to bring unique perspectives and proven solutions from one domain to another, significantly enhancing the problem-solving process.
I quickly become proficient in new technologies as required, focusing on delivering immediate, high-quality value. At Softaims, I leverage this adaptability to ensure project continuity and success, regardless of the evolving technical landscape.
My work philosophy centers on being a resilient and resourceful team member. I prioritize finding pragmatic, scalable solutions that not only meet the current needs but also provide a flexible foundation for future development and changes.
Main technologies
4 years
3 Years
1 Year
1 Year
Potentially possible
Vermeg
The project aims to analyze a collection of 5000 malware samples targeting Linux environments, perform dynamic analysis to extract memory dumps, convert these dumps into RGB images, and classify the malware using a ResNet-50 neural network.
In this project, I successfully remediated malware infections and detected hidden backdoors within a WordPress website. Leveraging my expertise in cybersecurity and malware analysis, I conducted a thorough examination of the compromised site, identifying malicious code injections and suspicious activities. Through a systematic approach, I meticulously removed the malware, ensuring the restoration of the website's integrity and functionality. Additionally, I implemented robust security measures to fortify the site against future attacks, including firewall configurations and continuous monitoring solutions. By promptly addressing the malware infection and eliminating potential backdoors, I provided the client with peace of mind and restored their confidence in the security of their WordPress platform. This project exemplifies my commitment to safeguarding digital assets and delivering effective cybersecurity solutions tailored to my clients' needs.
In this project, I undertook comprehensive penetration testing to assess the security posture of a client's digital infrastructure. Through meticulous testing and detailed reporting, I identified several critical vulnerabilities, including: TIME-BASED SQL INJECTION: Uncovering vulnerabilities in the database layer, I detected instances of time-based SQL injection, which could potentially lead to unauthorized access and data manipulation. Boolean-Based Blind SQL Injection in Foreninger: Delving deeper, I found instances of boolean-based blind SQL injection in the 'Foreninger' module, posing a significant risk to data integrity and confidentiality. Stored XSS Cross-site Scripting: Furthermore, I discovered stored cross-site scripting vulnerabilities across various web pages, highlighting potential avenues for malicious code injection and client-side attacks. Unsecure Cookies: Lastly, I identified unsecure cookie configurations, exposing sensitive session data to interception and manipulation by attackers.
During a thorough penetration testing of a web application, I successfully identified and exploited a critical vulnerability known as Source Code Disclosure in the website's payment logs and member payment section. This vulnerability allowed unauthorized access to the application's underlying source code, posing a significant security risk to sensitive information. By leveraging this vulnerability, an attacker could potentially gain access to confidential payment logs and member payment data, compromising the privacy and security of the website's users. The exposed source code could provide malicious individuals with valuable insights into the application's architecture, potentially leading to further exploitation and unauthorized access to additional systems or sensitive data.
Project Description: The Research will focus on ways to identify and block specific devices from connecting to the system. In Linux the devices connected are listed under the dev folder, by monitoring this folder and using additional probing utilities /linux/usb-devices-dev You can discover the device type, HID, specific Identification, and decide to either approve it or block the device. We will focus on using ld_preload hook to monitor changes in the dev folder to decide if the device can be accesses or not. The POC result should allow connecting the following devices (“specific USB drive”, usb device type, specific keyboard, keyboard type, Network device, smart card…) while blocking other unauthorized devices. See the following maybe interesting directions: Github: usbguard
Engineer's degree in Computer science
Bachelor of Science in Information Technology in networking