With over 5 years of experience in the information security industry, Ali has performed a wide variety of security assessments including network penetration testing, application security assessments, full-scope red team engagements, adversarial simulation, and physical penetration testing. Prior to joining Atredis Partners, Ali performed network penetration tests as a Security Consultant on Optiv’s Attack and Penetration team.
Outside of work, Ali enjoys researching software vulnerabilities and malware techniques on Windows Systems. Ali has created open source tooling and authored blog posts focused on evasive Command and Control (C2) techniques and implant development to give back to the information security community. Ali also holds the Offensive Security Certified Professional (OSCP) certification. X (Twitter): @aahmad097
Hacking Exchange from the Outside In (<– add to your schedule)
Microsoft Exchange 2019 uses the Oracle Outside-In libraries to parse specific file types when attached to emails. This talk covers the process of discovering memory corruption vulnerabilities within the technology using AFL and Jackalope and the results of the fuzzing process. Outside-In was deprecated as a result of this research.