About Me

Ahmed Sherif

A seasoned cyber security expert based in Amsterdam 🇳🇱 with nearly 14 years of experience. I began my career in 2009 as a hacker and have since specialized in offensive security, focusing on Penetration Testing and Red Teaming. My career has spanned government roles, Big Four consulting, and the financial sector, providing me with a well-rounded skill set.

I’ve had the opportunity to build and lead offensive security operations for various organizations, discovering zero-day vulnerabilities and publishing technical findings. My work also involves regulatory assessments like TIBER and iCast.

Key Skills

  • Red Teaming / Adversary Emulations: Expert in simulating advanced threat actors to assess and improve organizational defenses.
  • Leadership / Mentorship: Proven ability to lead and mentor teams, fostering growth and innovation in offensive security.
  • Penetration Testing and Code Reviews: Skilled in identifying and hunting vulnerabilities through thorough testing and code analysis.
  • Building / Rebranding Offensive Security Operations: Experienced in establishing and enhancing offensive security teams and processes.
  • Writing Process Controls: Adept at developing and implementing security controls and processes for red teaming and SSDLC.
  • Vendor Management and Procurement: Selecting, negotiating with, and managing relationships with vendors to procure the best tools and services for offensive security operations.

Certifications & Trainings

  • Offensive Security Certified Professional (OSCP)
  • Offensive Security Web Expert (OSWE)
  • Certified Red Team Operator (CRTO)
  • Hack The Box Pro-Lab (Offshore)
  • Modern Initial Access and Evasion Tactics by mgeeky (@mariuszbit)
  • Offensive Azure AD and hybrid AD security by Dirk-Jan
  • Adversary Tactics - Red Teaming operations by SpecterOps
  • 210W - Cybersecurity for Industrial Control Systems by Homeland security

Publications & Talks

  • CVE-2024-48200: Local privilege escalation (LPE) on MobaXterm V24.2
  • CVE-2023-22953: Remote Command Execution via deserialization - ExpressionEngine CMS
  • CVE-2020-10569: Remote command execution via AJP - SysAid help desk
  • CVE-2016-5661 and CVE-2016-5660: Unauthorized file upload - Accela Civic Platform Citizen Access
  • Building-up red team operation in complex environment: Bsides Vienna - 2019 🇦🇹
  • Simulating attacks on critical infrastructure: 4SICS Sweden - 2015 🇸🇪
  • Red Teaming on MacOS: OWASP Netherlands - 2024 🇳🇱
  • Java Deserialization: From Discovery to Reverse Shell on Limited Environments