Ali Hassan Ghori
Manager Stealth-X (Offensive Security) @Apprise Cyber Pvt Ltd.
Karachi, Pakistan
Actions
Experienced and accomplished manager penetration tester with over 7 years of experience in offensive security. Adept in identifying vulnerabilities and exploiting them to enhance organizational security. Listed in 350+ Hall of fame lists for identifying valid security bugs in major corporations like Facebook, Google, Microsoft, Oracle, Pinterest, and Dell etc.
Certifications:
• Certified Ethical Hacker (CEH)
• Certified EC-Council Instructor (CEI)
• EC-Council Certified Security Analyst (ECSA)
• Certified Red Team Professional (CRTP)
• Certified Penetration Testing Engineer (CPTE)
• Certified Vulnerability Assessor (CVA)
• Certified AppSec Practitioner (CAP)
• Certified BlockChain Practitioner (CBP)
• Certified Cloud Security Practitioner - AWS (CCSP-AWS)
• Certified EC-Council Instructor (CEI)
• ISO 27001 Lead Implementer (LI)
• ISO 27001 Lead Auditor (LA)
Training and Speaking Engagements:
• Ex-Islamabad Chapter Leader of OWASP.
• Hosted a Webinar on "Smart Contract Hacking."
• Hosted a Webinar on "Importance of Cloud Security."
• Hosted a Webinar on "Smart Contract Hacking."
• Hosted a Webinar on "Threat Detection & Response Strategies for Blue Team in Cloud"
• Hosted a Webinar on "The importance of GRC (Governance, Risk, and Compliance) in Career Progression"
• Hosted a Webinar on "Importance of IT Audit in the constantly evolving threat landscape."
• Speaker at OWASP Karachi Chapter on "Mobile Application Security."
• Conducted a seminar on "Journey of a Bug Bounty Hunter" at Dawood University (KHI).
• Conducted a seminar on "The Role of Digital Literacy in Preventing Hacking" at NED University (KHI).
• Conducted a seminar on "Practical Cybersecurity Hygiene Practices" at Bahria University - BUKC (KHI).
• Conducted a workshop on "Hacking the Hackers" at Iqra University (Airport Campus KHI).
• Trainer of the course ACCF (Apprise Certified CyberSecurity Fundamentals).
• Educate engineers on embedding security by design in a fun way.
Experience:
• Manager Penetration Tester, Stealth-X Team (Offensive Security Department), Apprise Cyber
• Conduct penetration testing and vulnerability assessment of client systems and networks.
• Develop custom exploit code and utilize open-source and commercial tools to identify vulnerabilities and attack surfaces.
• Deliver comprehensive penetration testing reports and recommend remediation solutions to clients
Topics
Introduction To Security Code Analysis For Developers
In this session, I spoke about the importance of security code analysis for developers. We covered what security code analysis entails, including its types—static, dynamic, and interactive analysis. I emphasized how integrating security practices into the development process can help identify vulnerabilities early, ensure compliance, and ultimately lead to the creation of more secure software. We also reviewed sample code to demonstrate various vulnerabilities and conducted both automated tool assessments and manual evaluations during the talk.
OWASP Karachi Android Application Security
As mobile apps become mainstream in the market, businesses are increasingly prioritizing mobile app development over traditional websites. Therefore, it's essential to hold a session focused on Mobile App Security from a Pen Tester's Perspective.
Shaam e Mehmaan Episode # 01
I was a guest on the first episode of "Shaam e Mehmaan," where I discussed my journey as a bug bounty hunter with host Faisal Mukhtar (CEO - PrintAsaan)
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top