Objectives
Static Analysis, Application Security, Fuzzing, IDS/IPS, Database Systems, Web Application DevelopmentEducation
Islamic Azad University Of Tehran South / Master of Software Engineering 2019Islamic Azad University Of Najafabad / Bachelor of Software Engineering 2014
Skills, Experiences and Records
• 5 Discovered Vulnerabilities in Yahoo! Products ( +bounty )
• Multiple Cross Site Scripting Vulnerabilities in Nasa.gov
• Discovery of more than 100 vulnerabilies with specific article and CVE Identification for each one in various software and hardware products
• Highly Experienced with Golang language
• Experienced with Rust, C/C++, PHP, Server-Side Javascript (Nodejs), CoffeeScript, TypeScript, Python & Bash Programming Languages
• Experienced with PostgresSQL Server Administration, Configuration, Optimization and Data Recovery
• Experienced with MySQL Server Administration, Configuration, Optimization and Data Recovery
• Experienced with Social Engineering Attacks
• Experienced with Physical Penetration Attacks
• Experienced in Exploiting all kind of web application vulnerabilities
• Experienced in Black box & White box Penetration Testing
• Experienced in Remote Administration of GNU/Linux & BSD dedicated servers
• Experienced in Hardening GNU/Linux & BSD dedicated servers
• Experienced in Optimization and Hardening Linux kernel
• Experienced in building centralized & multi-platform IDS/IPS
• Experienced in Writing Snort & Emerging Threat rules
• Experienced in Defend against Denial Of Service(DOS) attacks
• Experienced in Writing Web Applications IDS/IPS
• Experienced in Design and Optimize PHP/Node.js/Django Web Applications
• Experienced in Forensic & Anti-Forensic Sciences
• Experienced in Reverse Engineering
• Experienced in OpenBSD, Redhat Base Linux Family, Debian Base Linux Family, FreeBSD
• Experienced in Drupal, MovableType, phpBB, Wordpress, Joomla, Mambo, SMF, VBulletin CMSes
• Familiar with HTML5, CSS3, Ruby, Visual Basic & Assembly
• Familiar with Writing Shell Codes in GNU/Linux,FreeBSD,OpenBSD,MacOSX & Windows
• Familiar with All kind of remote and local Network Attacks
• Familiar with Bypass and Amplification run-level protection systems (DEP, ASLR, StackGuards & NX bit )
• Familiar with Exploiting in Linux,BSD,MacOSX & Windows
• Familiar in Search Engine Optimization (SEO)
• Configuration of MTAs (Postfix, Sendmail)
• Configuration of IMAP/POP3 servers (Courier, Dovecot)
• Configuration of Web servers (Nginx,Apache, Lighttpd )
• Configuration of FTP servers (Proftpd, Pure-ftpd)
• Configuration of Proxy servers (Squid)
• Configuration of DB servers (MySQL, PostgreSQL)
• Configuration of DNS servers (Bind)
• Configuration of VPN servers (OpenVPN, PPTP, L2tp, SSTP & IPSec protocols)
Papers and discovered vulnerabilities
• [ 2015-12-31 ] => Joomla 1.5.x to 3.4.5 Object Injection Exploit | Identifier : CVE-2015-8562• [ 2014-07-01 ] => Kerio Control <= 8.3.1 Boolean-based blind SQL Injection | Identifier : CVE-2014-3857
• [ 2012-04-17 ] => DokuWiki Ver.2012/01/25 CSRF Add User Exploit | Identifier : CVE-2012-2129
• [ 2011-08-09 ] => iPhone/iPad Phone Drive 1.1.1 Directory Traversal
• [ 2011-03-09 ] => RecordPress 0.3.1 Multiple Vulnerabilities
• [ 2011-03-08 ] => RuubikCMS Version 1.0.3 Multiple Vulnerabilities
• [ 2011-02-26 ] => Linksys Cisco WAG120N CSRF Vulnerability
• [ 2011-02-25 ] => iPhone Folders 2.5 Directory Traversal | Identifier : CVE-2011-02-25
• [ 2011-02-25 ] => iPhone iFile 2.0 Directory Traversal
• [ 2011-02-25 ] => iPhone MyDocs 2.7 Directory Traversal
• [ 2011-02-24 ] => iPhone iShred 1.93 Directory Traversal
• [ 2011-02-24 ] => iPhone Guitar Directory Traversal
• [ 2011-02-24 ] => iPhone PDF Reader Pro 2.3 Directory Traversal
• [ 2010-02-08 ] => Testa OTMS Multiple SQL Injection Vulnerabilities
• [ 2009-12-28 ] => National Aeronautics and Space Administration (NASA) XSS Vulnerability
• [ 2009-07-17 ] => iDefense COMRaider ActiveX Control Multiple Insecure Method Vulns | Identifier : CVE-2009-3860
• [ 2009-01-08 ] => PHP-Fusion Mod vArcade 1.8 (comment_id) SQL Injection Vulnerability
• [ 2008-10-31 ] => CPanel 11.x XSS And Local File Inclusion Vulnerabilities | Identifier : CVE-2008-6927
• [ 2008-09-16 ] => NooMS Cross-Site Scripting Vulnerability | Identifier : CVE-2008-4179
• [ 2008-09-12 ] => Easy Photo Gallery Multiple Vulnerabilities | Identifier : CVE-2008-6989
• [ 2008-09-11 ] => PhpWebGallery 1.3.4 (XSS/LFI) Multiple Vulnerabilities | Identifier : CVE-2008-4591
• [ 2008-09-11 ] => phsBlog 0.2 Bypass SQL Injection Filtering Exploit | Identifier : CVE-2008-4072
• [ 2008-08-18 ] => FlexCMS "PreviousColorsString" Cross-Site Scripting | Identifier : CVE-2008-3715
• [ 2008-08-18 ] => Mambo 4.6.2 Cross-Site Scripting Vulnerabilities | Identifier : CVE-2008-3712
• [ 2008-08-05 ] => Pluck 4.5.2 Multiple Cross Site Scripting Vulnerabilities | Identifier : CVE-2008-3574
• [ 2008-07-22 ] => EasyE-Cards SQL Injection and Cross-Site Scripting | Identifier : CVE-2008-3344
• [ 2008-07-22 ] => EasyDynamicPages SQL Injection and Cross-Site Scripting | Identifier : CVE-2008-3347
• [ 2008-07-22 ] => EasyPublish SQL Injection and Cross-Site Scripting | Identifier : CVE-2008-3342
• [ 2008-07-22 ] => EasyBookMarker "rs" Cross-Site Scripting | Identifier : CVE-2008-3380
• [ 2008-05-09 ] => Maian Guestbook footer.php Cross-Site Scripting Vulnerabilities | Identifier : CVE-2008-2211
• [ 2008-05-09 ] => Maian Music Cross-Site Scripting and SQL Injection | Identifier : CVE-2008-2205
• [ 2008-05-09 ] => Maian Recipe Cross-Site Scripting Vulnerabilities | Identifier : CVE-2008-2201
• [ 2008-05-09 ] => Maian Uploader Multiple Cross-Site Scripting Vulnerabilities | Identifier : CVE-2008-2202
• [ 2008-05-09 ] => Maian Search Cross-Site Scripting and SQL Injection Vulnerabilities | Identifier : CVE-2008-2203
• [ 2008-05-08 ] => Maian Support Multiple Cross-Site Scripting Vulnerabilities | Identifier : CVE-2008-2210
• [ 2008-05-08 ] => Maian Greetings Multiple Vulnerabilities | Identifier : CVE-2008-2208
• [ 2008-05-08 ] => Maian Links Multiple Cross-Site Scripting Vulnerabilities | Identifier : CVE-2008-2213
• [ 2008-05-08 ] => Maian Gallery Multiple Vulnerabilities | Identifier : CVE-2008-2207
• [ 2008-05-07 ] => Maian Weblog Multiple Cross-Site Scripting Vulnerabilities | Identifier : CVE-2008-2200
• [ 2008-05-06 ] => Zomplog Multiple Vulnerabilities | Identifier : CVE-2008-2176
• [ 2008-05-06 ] => LifeType 1.2.8 "newBlogUserName" Cross-Site Scripting Vulnerability | Identifier : CVE-2008-2178
• [ 2008-05-05 ] => LifeType 1.2.7 "searchTerms" Cross-Site Scripting Vulnerability | Identifier : CVE-CVE-2008-2178
• [ 2008-05-02 ] => Mjguest "level" Cross-Site Scripting Vulnerability | Identifier : CVE-CVE-2008-2187
• [ 2008-05-01 ] => vlBook 1.21 (XSS/LFI) Multiple Remote Vulnerabilities | Identifier : CVE-2008-2073
• [ 2008-05-01 ] => ActualAnalyzer Lite (free) 2.78 Local File Inclusion Vulnerability | Identifier : CVE-2008-2076
• [ 2008-04-29 ] => miniBB "whatus" Cross-Site Scripting Vulnerability | Identifier : CVE-CVE-2008-2066
• [ 2008-04-26 ] => Siteman 2.x (EXEC/LFI/XSS) Multiple Remote Vulnerabilities
• [ 2008-04-01 ] => FaScript FaPhoto v1 (show.php id) SQL Injection Vulnerability | Identifier : CVE-2008-1714
• [ 2008-04-01 ] => EasyNews 40tr (SQL/XSS/LFI) Remote SQL Injection Exploit | Identifier : CVE-CVE-2008-1649
• [ 2008-04-01 ] => Sava's Link Manager Two Vulnerabilities | Identifier : CVE-CVE-2008-1644
• [ 2008-04-01 ] => Sava's Place Sava's Guestbook 'index.php' Local File Include Vulnerability | Identifier : CVE-CVE-2008-1642
• [ 2008-03-31 ] => Neat weblog 0.2 (articleId) Remote SQL Injection Vulnerability | Identifier : CVE-2008-1639
• [ 2008-02-28 ] => Maian Cart Cross-Site Scripting Vulnerabilities | Identifier : CVE-CVE-2008-1075
• [ 2008-02-14 ] => nuBoard 0.5 (threads.php ssid) SQL Injection Vulnerability | Identifier : CVE-2008-0796
• [ 2008-03-31 ] => Neat weblog 0.2 (articleId) Remote SQL Injection Vulnerability | Identifier : CVE-2008-1639
• [ 2008-02-14 ] => Affiliate Market Ver.0.1 BETA XSS / SQL Injection Exploit | Identifier : CVE-2008-1176
• [ 2008-02-03 ] => A-Blog V.2 (id) XSS / Remote SQL Injection Exploit | Identifier : CVE-2008-0676
• [ 2008-01-23 ] => LulieBlog 1.02 (voircom.php id) Remote SQL Injection Vulnerability | Identifier : CVE-2008-0446
• [ 2008-01-23 ] => Foojan WMS 1.0 (index.php story) Remote SQL Injection Vulnerability | Identifier : CVE-2008-0447
• [ 2008-01-23 ] => Siteman 1.1.9 (cat) Remote File Disclosure Vulnerability | Identifier : CVE-2008-0452
• [ 2008-01-16 ] => PHP-RESIDENCE 0.7.2 (Search) Remote SQL Injection Vulnerability | Identifier : CVE-2008-0353
• [ 2008-01-15 ] => FaScript FaMp3 v1 (show.php) Remote SQL Injection Vulnerability | Identifier : CVE-2008-0327
• [ 2008-01-15 ] => FaScript FaName v1 (page.php) Remote SQL Injection Vulnerability | Identifier : CVE-2008-0328
• [ 2008-01-15 ] => FaScript FaPersian Petition (show.php) SQL Injection Vulnerability | Identifier : CVE-2008-0325
• [ 2008-01-15 ] => FaScript FaPersianHack v1 (show.php) SQL Injection Vulnerability | Identifier : CVE-2008-0326
• [ 2007-11-25 ] => Softbiz Freelancers Script v.1 Remote SQL Injection Exploit | Identifier : CVE-2007-6124
• [ 2007-11-11 ] => Softbiz Auctions Script product_desc.php Remote SQL Injection Vuln | Identifier : CVE-2007-5999
• [ 2007-11-11 ] => Softbiz Ad Management plus Script ver 1 Remote SQL Injection Vuln | Identifier : CVE-2007-5998
• [ 2007-11-11 ] => Softbiz Banner Exchange Network Script 1.0 SQL Injection Vulnerability | Identifier : CVE-2007-5997
• [ 2007-11-11 ] => Softbiz Link Directory Script Remote SQL Injection Vulnerability | Identifier : CVE-2007-5996
• [ 2007-11-11 ] => Softbiz Recipes Portal Script Remote SQL Injection Vulnerability | Identifier : CVE-2007-5449
• [ 2007-10-08 ] => Softbiz Jobs & Recruitment Remote SQL Injection Vulnerability | Identifier : CVE-2007-5316
• [ 2007-09-26 ] => Softbiz Classifieds PLUS (id) Remote SQL Injection Vulnerability | Identifier : CVE-2007-5122