Ali Hassan Ghori
Manager Stealth-X (Offensive Security) @Apprise Cyber Pvt Ltd.
Karachi, Pakistan
Actions
Experienced and accomplished manager penetration tester with over 7 years of experience in offensive security. Adept in identifying vulnerabilities and exploiting them to enhance organizational security. Listed in 350+ Hall of fame lists for identifying valid security bugs in major corporations like Facebook, Google, Microsoft, Oracle, Pinterest, and Dell etc.
Certifications:
• Certified Ethical Hacker (CEH)
• Certified EC-Council Instructor (CEI)
• EC-Council Certified Security Analyst (ECSA)
• Certified Red Team Professional (CRTP)
• Certified Penetration Testing Engineer (CPTE)
• Certified Vulnerability Assessor (CVA)
• Certified AppSec Practitioner (CAP)
• Certified BlockChain Practitioner (CBP)
• Certified Cloud Security Practitioner - AWS (CCSP-AWS)
• Certified EC-Council Instructor (CEI)
• ISO 27001 Lead Implementer (LI)
• ISO 27001 Lead Auditor (LA)
• Offensive Security Certified Professional (OSCP+)
Training and Speaking Engagements:
• Ex-Islamabad Chapter Leader of OWASP.
• Hosted a Webinar on "Smart Contract Hacking."
• Hosted a Webinar on "Importance of Cloud Security."
• Hosted a Webinar on "Smart Contract Hacking."
• Hosted a Webinar on "Threat Detection & Response Strategies for Blue Team in Cloud"
• Hosted a Webinar on "The importance of GRC (Governance, Risk, and Compliance) in Career Progression"
• Hosted a Webinar on "Importance of IT Audit in the constantly evolving threat landscape."
• Speaker at OWASP Karachi Chapter on "Mobile Application Security."
• Conducted a seminar on "Journey of a Bug Bounty Hunter" at Dawood University (KHI).
• Conducted a seminar on "The Role of Digital Literacy in Preventing Hacking" at NED University (KHI).
• Conducted a seminar on "Practical Cybersecurity Hygiene Practices" at Bahria University - BUKC (KHI).
• Conducted a workshop on "Hacking the Hackers" at Iqra University (Airport Campus KHI).
• Trainer of the course ACCF (Apprise Certified CyberSecurity Fundamentals).
• Educate engineers on embedding security by design in a fun way.
Experience:
• Manager Penetration Tester, Stealth-X Team (Offensive Security Department), Apprise Cyber
• Conduct penetration testing and vulnerability assessment of client systems and networks.
• Develop custom exploit code and utilize open-source and commercial tools to identify vulnerabilities and attack surfaces.
• Deliver comprehensive penetration testing reports and recommend remediation solutions to clients
Topics
Bahria University (Karachi Campus)
Build Your Cybersecurity Career While Still in University
22 April 2024
Bank of Pubjab (BoP) - Head Office Lahore
Secure Development Framework with Fortify Integration
26 November 2025
Bank of Pubjab (BoP) - Head Office Lahore
4-Day Hands-On Offensive Security & Penetration Testing Workshop (Web, Mobile & Network)
27 November 2023 - 01 December 2023
efu General
EFU Cybersecurity Awareness & Interactive Training Program (03–05 December 2025) – Hybrid Sessions for General Employees with Quiz-Based Learning
03 December 2025 - 05 December 2025
efu Insurance
Secure SDLC Framework Design & Implementation (2 Days Workshop)
22 October 2024 - 23 October 2024
House Building Finance Company (HBFC)
HBFC Cyber Awareness & Phishing Defense Training Session
29 August 2024
Hilton Pharma
Hilton Pharma Executive Cybersecurity Demo: Live Attack Scenarios & Awareness Training
23 October 2024
Iqra University - Airport Campus Karachi
Cybersecurity Awareness & Career Roadmap for Iqra University Students
22 March 2023
JS Investments Limited - (JSIL)
2-Month Advanced Cybersecurity (ACCF) Training Program for JSIL IT Team
14 June 2023
Lucky Core Industries Limited (LCI)
LCI Cybersecurity Awareness & Interactive Training Session for 100 Employees (In Collaboration with LND Team)
17 June 2025
Lucky Core Industries Limited (LCI)
LCI Practical Phishing Simulation & Prevention Awareness Workshop
18 March 2025
NED University of Engineering and Technology
NED University Cybersecurity Awareness Workshop: Practical Phishing Simulation & Career Roadmap in Cybersecurity
3 June 2024
Pakistan Stock Exchange (PSX)
Secure Software Development Lifecycle (Secure SDLC) Implementation & Application Security Program
2 May 2024
Introduction To Security Code Analysis For Developers
In this session, I spoke about the importance of security code analysis for developers. We covered what security code analysis entails, including its types static, dynamic, and interactive analysis. I emphasized how integrating security practices into the development process can help identify vulnerabilities early, ensure compliance, and ultimately lead to the creation of more secure software. We also reviewed sample code to demonstrate various vulnerabilities and conducted both automated tool assessments and manual evaluations during the talk.
OWASP Karachi Android Application Security
As mobile apps become mainstream in the market, businesses are increasingly prioritizing mobile app development over traditional websites. Therefore, it's essential to hold a session focused on Mobile App Security from a Pen Tester's Perspective.
Shaam e Mehmaan Episode # 01
I was a guest on the first episode of "Shaam e Mehmaan," where I discussed my journey as a bug bounty hunter with host Faisal Mukhtar (CEO - PrintAsaan)
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top