Digital Intelligence Tactical Solutions Developer, Cyber Security Architect, MSc in Cybersecurity, Double Ph.D research student. Enterprise Security Specialist with expertise in Cyber Defence, Cyber Security Operations, Threat Analysis, Incident Response, Forensic Investigations, Malware Analysis, 0-Day Hunter, DarkWeb & DeepWeb Threat Intelligence Analytics.

About me


Chief Information Security Officer (CISO) with more than 20 years of experience in real-world Cyber Security. Leading advanced persistent threat hunting, with expertise in forensics and security orchestration, automation and response, as well as detection capabilities. An advocate of Cyber Criminology, who understands the motives of hacker strategies and response methodologies. A highly motivated security specialist with a consistent, proven record of going the extra mile to meet objectives, and with demonstrable experience in effectively detecting, preventing, and responding to cyber threats against infrastructures.

52 65 64 54 65 61 6d 20 45 74 68 69 63 61 6c 20 48 61 63 6b 65 72 20

|-Red Team-|-SOC Lead-|

|| Cyber Security Architect || Information Security Analyst || Vulnerability Detective || Network Examiner || Digital Data Interpreter ||
|| Digital Intelligence Tactical Solutions Developer || Cyber Criminology || Criminal Science ||


Geek Traits: TISO

My first web designing team was formed in 1997. I started my first web development of Web Directories, Forums, Blogs, E-commerce, CMS and Static & Dynamic websites using multiple programming languages such as HTML, PHP, Python, JSP, ASP, C++ and Adobe suite, Photoshop, Dreamweaver, Macromedia Flash, Fireworks etc. As a webmaster, I taught my web development team how to securely build websites using STLC (Software Testing Life Cycle) methodology and how it should be implemented from the foundation of any IT infrastructure building. Code reviewing practice was the core of my web design principle and I had a special interest in networking and infrastructure security. As a versatile individual with extensive experience of vulnerability detection, prevention and incident response in all areas of the web domain including in-house web hosting infrastructure, I’m a hands-on technician.

Build a smart piSOC with MITRE ATT&CK Unified Security


The threat landscape keeps getting more complex. The trend toward cloud and hybrid environments complicates your cybersecurity posture. For many organisations, building a cyberSOC may seem like an impossible task. With limited resources (time, staff, and budget), setting up an operations center supported by multiple security monitoring technologies and real-time threat updates does seem complicated. Thankfully, I have a step-by-step white paper for you to start building your own DIY SOC, a very cost-effective way to implement and manage these different tools on an ongoing basis. Find the full white paper on:

InfoSec Events


As hackers become more creative in their subversive techniques, businesses need to become more proactive in educating their workforce and stepping up their cyber incident response plans. Businesses should consult with their vendors, third-party suppliers and stakeholders in every business unit to ensure continuity, mitigate risk and verify that security measures are being employed and regularly updated.

A Majority of Cyber Attacks Successfully Infiltrate Enterprise Environments Without Detection


The report summarizes the results of thousands of real attacks performed by experts from the Mandiant Security. The tests consisted of real attacks, specific malicious behaviors, and actor-attributed techniques and tactics run in enterprise-level production environments representing 11 industries against 123 market-leading security technologies — including network, email, endpoint, and cloud solutions. The report reveals that while organizations continue to invest significant budget dollars in security controls and assume that this means assets are fully protected, the reality is that a majority of the tested attacks successfully infiltrated the organizations’ production environments without their knowledge.
READ MORE:  attacks-successfully-infiltrate 

PhD Project: CyBotic Predator

What is the Cybot, AKA CyBotic Predator : 2018

Here is my 2nd Ph.D. research project. CyBotic is an Ultimate Signal Sniffing Predator, which has five built-in core functionalities:

1. Air defence system including Drone defence
2. Sea defence system
3. Network & WiFi Defences
4. IDS & IPS
5. IoT Operations and Intelligence – IoT Innovation

There are two reasons why I want to start a PhD on CyBotic Predator. I have a passion for research in the signal sniffing domain itself (“I mean hacking”), for developing understanding and knowledge. Also, I have a desire to be intellectually challenged and guided by a world expert in this field. My curiosity on this subject is simple: can I push my limit to build the ultimate cyber defence system, just like security orchestration? Visit dedicated site:

Ministry of Hack

The M-O-H Security ecosystem provides comprehensive protection for your IT infrastructure based on our unique cyber intelligence and deep analysis of attacks and incident response, along with integrated risk management which reinvents the way you manage risk. Our methodology is based on adversary-centric detection and proactive threat hunting. We are military-grade cyber threat hunters with years of experience in threat hunting. We know how attackers think and act, and how to use tools to find them and kick them out. Visit: Ministry Of Hack

Photobox Group Hackathon 2018

We’ve just completed the 5th PhotoBox Group Hackathon! We demonstrated my CyBotic Project, AKA CyBotic Predator, for the first time. I can’t wait to kick off. The CyBot Predator idea thrived from the original RedTeam Hail Mary toolkit developed in 2014.



I am not desperate to leave my current job but am keeping my eyes out for new opportunities.

CyberWar: How can they hurt us?

What damage can cyber attacks actually do? NATO Review asks the White House’s former director of cyber infrastructure protection what we should be worried about – and how knowledge of cyber attacks’ potential may be more limited than portrayed.

Hail Mary Toolkit


My Hail Mary toolkit has 3 types of attack mode. Attack mode 1: Able to break the WPA2 encryption scheme. The key to the kingdom is tricking the 4-way handshake; this is achieved by manipulating and replaying cryptographic handshake messages in a fundamental way. Attack mode 2: Detects long-range RFIDs over 100-120m. Attack mode 3: Long-range scanner for contactless smart cards (their embedded integrated circuits can store, and sometimes process, data and communicate with a terminal via 13.56 MHz).

Malware Detective

Special Ops Project: Threat intelligence researchers hunting various potential spyware, adware, trojans, keyloggers, bots, worms, and hijackers, in real time. The CyberSecurity landscape has changed. No longer are we protecting against a piece of malicious code – we are defending against persistent adversaries. Find out more about APTs, or Advanced Persistent Threats.

RedTeam Travel Kit

NHS WannaCry Attack

I am proud to have co-authored this book: WannaCry Ransomware Crowd Source Intelligence, a free resource created by the global cyber community. This is not the end but rather just the beginning of life-impacting cyber attacks. To download this document, keep abreast of such initiatives and continue receiving reports and guidance papers, please Download here

Cyber Immune System

Darktrace Experience

Darktrace is a world leader in Enterprise Immune System technology for cyber security. Using new machine learning techniques based on the biological principles of the human immune system, Darktrace addresses the challenge of detecting previously unidentified cyber threats, irrespective of their origin.

What Is Red Teaming?


Red Teaming is a process designed to detect network and system vulnerabilities and test security by taking a hacker-like approach to information security system/network/data access. This process is also called “RedTeam Operation - ethical hacking”, since the ultimate purpose of red teams is to enhance the security system, either by specifying the adversary’s preferences and strategies or by simply acting as a “Devil’s Advocate”. A Red Team provides a more realistic picture of security readiness than exercises.

Fifty Shades of Grey Cyber Lab


Performing a pen-test is an art. There are various penetration testing methods available. Pen-testing should be an integral part of the product SDLC, and you need integrated penetration testing tools and a lab. ReadMore: CyberLab

Decoding Petya Ransomware

Seems I have a decoder for #Petya, but it works only if the system was not rebooted after the infection. Petya Ransomware eats your hard drives.

Petya ransomware eats your hard drives


Ransomware is evolving — fast. The new versions of ransomware use strong asymmetrical encryption with long keys so that files cannot be decrypted without the key. The bad guys have started using TOR and payments in bitcoins for the sake of staying totally anonymous. And now there is Petya ransomware which in a certain sense encrypts the whole hard drive all at once instead of encrypting files one by one.




The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Knowing the adversary’s moves helps you better prepare your defenses. Metasploit, backed by a community of 200,000 users and contributors, gives you that insight. It’s the most impactful penetration testing solution on the planet. With it, uncover weaknesses in your defenses, focus on the highest risks, and improve your security outcomes.

Arbor DDoS Solutions!

The Evolution of DDoS Attacks
Arbor solutions offer full protection and simplified network management on all interconnected environments. They provide a bigger and better overview, actionable information and proven protection, ensuring that network threats are detected and neutralised. Availability of the network is thus guaranteed.

Akamai Intelligent Platform


Akamai’s content delivery network (CDN) is one of the world’s largest distributed computing platforms. Akamai’s Network Operations Command Center (NOCC) is used for proactive monitoring and troubleshooting of all servers in the global Akamai network. The NOCC provides real-time statistics of Akamai’s web traffic. The traffic metrics update automatically and provide a view of the Internet traffic conditions on Akamai’s servers and customer websites.

Elastica CloudSOC platform


The Elastica CloudSOC platform enables companies to confidently leverage cloud applications and services while staying safe, secure and compliant. Leveraging advanced data science and machine learning, CloudSOC taps real-time user traffic, native SaaS APIs and other data sources to provide a single pane of glass for monitoring and controlling your SaaS apps.

NATO Cyber Defence


Cyber Defence Pledge

Cyber threats and attacks are becoming more common, sophisticated and damaging. The Alliance is faced with an evolving complex threat environment. State and non-state actors can use cyber attacks in the context of military operations. In recent events, cyber attacks have been part of hybrid warfare. Read More

InfoSec Events


See more about the top security events I have attended. Conferences are important events in almost every industry, giving professionals the opportunity to learn about new developments, get valuable insights from leading experts, and network with other professionals. In few fields do conferences play as important a role as they do in information security. This ever-changing industry places high demands on professionals to stay abreast of the latest best practices, trends, and research findings that impact their day-to-day responsibilities and help them perform at their best. See more

0day Exploit for Windows 10 RCE

Call Offensive Security

Call Offsec, they are the very best! Information Security Training, Ethical Hacking Certifications, Virtual Labs and Penetration Testing Services from Offensive Security, the creators of Kali Linux.

Capture The Flag-HackTheBOX

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with other members of similar interests. It contains several challenges that are constantly updated. Some of them simulate real-world scenarios and some of them lean more towards a CTF style of challenge.

Cyberlympic ‘Ethical Hacking’ World Championship


Hackers from around the world competed in the Global CyberLympics final during Cyber Security Week in The Hague. This is an international hacking competition aimed at improving the level of national cyber security and strengthening international cooperation. “The competition this year was at the highest level we’ve ever seen due to the relevance of the challenges such as credit card cloning and cryptocurrency mining. The whole event had such amazing energy since it was in the middle of Cyber Security Week here in The Hague.” Read More:

GDPR Audit Checklist


The first steps towards GDPR compliance are understanding your obligations, what your current processes are and identifying any gaps. Undertaking a data protection audit is essential to achieving compliance. This checklist is intended to provide a starting point, rather than providing an exhaustive audit. Download full PDF here

AppSec Check list Mine Map


Application security encompasses measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities. From the risk management strategic point of view, the mitigation of application security risks is not a one time exercise; rather it is an ongoing activity that requires paying close attention to emerging threats and planning ahead for the deployment of new security measures to mitigate these new threats. Checklist mine map

Photobox Group Security Team

Wisdom of Crowds Lon Nov2018



Here is my personally built and tested collection of incident response playbook reference guides – first aid tips and preparation guidance to limit damage and protect your mission. A critical principle of medicine applies equally well to cybersecurity incident responses – Do No Harm. Organisations face many pitfalls that can dramatically increase the negative impact of an incident. These guides are designed to help a CSIRT (Computer Security Incident Response Team) manage a cybersecurity incident while avoiding common errors, increasing both the effectiveness and efficiency of your incident response efforts.

Threat Intelligence Report

Threat Intelligence: Staying Ahead Of Cyber Criminals. Threat intelligence is likewise an analysis of information collected about the cyber threat, so that it provides reliable and structured information about cybersecurity threats. ReadMore

Hacker Business Models

An Inside Look at Business Models of Hackers. Industrialized hackers are intent on one goal: making money. They also know the basic rules of business: increasing revenues while cutting costs.

Phishing Incident Response

The playbooks define the procedures for security event investigation and response: written guidance for identifying, containing, eradicating and recovering from cybersecurity incidents. Full file via SlideShare

Defend DDoS Attacks

DDoS attacks are making the headlines but if you architect your infrastructure right at the DNS layer, you can significantly reduce the impact. ReadMore

IT Guys Life in Hell

Pentesting: Exploiting:  how the system reacts to an attack, which weak spots exist that could be breached if any, and what data could be stolen from an active system.

NotPetya Ransomware Outbreak

As I expected, on June 27, several organizations in Europe reported ransomware infecting their systems! The Wisdom of Crowds Intelligence Full Report: it’s not over yet!

Crowd Sourced Intelligence Doc

WannaCry stopped? No, this is just the beginning. Warm up! Expect more! Full Report. All say that the threat is stopped, but this is untrue. «Kill Switch» only slowed its progress.

MobileSEC Testing Guide

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering PlayBook

High Performance DoS Analyzer

DOS/DDoS Load Analyser built on top of multiple packet capture engines (NetFlow, IPFIX, sFLOW, SnabbSwitch, Netmap, PF_RING, PCAP).  Detect networks sending/receiving large volumes of packets

Penetration Testing Framework

A penetration tester’s job is to demonstrate and document a flaw in security. In a normal situation, a pen tester will perform reconnaissance to find some vulnerabilities

SSH Server Auditing: ssh-audit

SSH Audit is a tool for SSH server auditing. Features: banner grab; detect SSH1 protocol and zlib compression; gather key-exchange, encryption & message authentication etc.

Search Machine Since: 1999

My Own Search Engine (Crawler / Spider) 1st developed in 1999 for the Data mining, Text search, Large document collections, Media Monitoring, Text analytics & Document Analysis

USB Anti Forensic Tool: USBdeath

Anti-forensic tool that writes udev rules for known USB devices and does some things at unknown USB device insertion or specific USB device removal.

Information Sensitivity Policy

The Information Sensitivity Policy is intended to help employees in determining appropriate technical security measures which are available for electronic

Secure Unified Communication

Unified communications infrastructure threats and defense strategies and cost savings for businesses. White paper written by Naushad and Gabriela 

Securing VoIP

In this white paper I outlined different approaches to VoIP security and best practices to ensure infrastructure security is intact, for making VoIP security a reality. By Naushad, MSc – Assignment

Modern Disaster Recovery Tools

No More Excuses: I’m building my own Modern Disaster Recovery toolkit. How to monitor your strategy to alert you to moves, adds, and changes that may break your plan

Avoid the WPA Wireless Attack

The latest crack in wireless security, specifically, the Wi-Fi Protected Access (WPA) security standard, can threaten the safety of enterprise networks and company information or data

Security on Throughput of IEEE

Effect of Security on Throughput of IEEE802.11b/g Protocols. Opportunistic Encryption (O-E): In this paper, I propose a framework called O-E that uses an acceptable signal to noise ratio.

GDPR will require 28,000 DPOs

European Union data protection rules will require the appointment of 28,000 data protection officers (DPOs) in the next two years in Europe alone, according to a study.

9 Important Facts: Colocation

With applications supporting your key customer interactions and business functions, all aspects of your IT infrastructure must be scrutinised – including your colocation provider.

NMAP DeepDive

Nmap is a great tool for discovering the network services and ports that your server is exposing to the network. In this guide, I will show you some of the hidden features of Nmap

CCISO Table of Contents

EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives

Blocking Tor proxy [business]

Blocking Tor proxy users from your Linux server. One of the main reasons is improved security. Here we show a way to make the server appear offline only for Tor users (by sending a TCP RST packet to close the connection). ReadMore

Top 100 Hacking Books

This list is for everyone who is interested in ethical hacking, both beginners and professionals. This top 100 hacking books PDF list was created based on the public reviews given for the books.

Cyberthreat Defence Report

An organization’s own staff is its biggest cyber security weakness, a new survey from CyberEdge Group claims.


The challenges security managers face never stand still. Threats change, new technologies appear, global conflicts arise, economic cycles drive business change – the trends in each of these areas have a profound and complex impact on successful security strategies. Here my personal blog will highlight and analyse emerging security trends and discuss new data from worldwide-and-deepweb, government sources, the security community and security events. Find the meaningful events and predictions amidst all the hype and noise.



9 May

FireEye released the Mandiant® Security Effectiveness Report 2020 which reveals data about how well organizations are protecting themselves against cyber threats and the overall effectiveness of their security infrastructure. The report summarizes the results of thousands of tests performed by experts from the Mandiant Security[…]

18 Jan

The curious case of the Raspberry Pi in the network closet, how we found, analyzed (with the help of Reddit) and in the end caught the culprit of a malicious device in our network

4 Jan

NOTE: This document incomplete, still DRAFT Mode… The intelligence, in terms of security, is a collection of security-related information which when analysed provides meaningful foresight. The threat intelligence likewise is an analysis of information collected about the cyber threat so[…]

23 Jun

Application security encompasses measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities. From the risk management strategic point of view, the mitigation of application security risks is not a one time exercise;[…]

29 Apr

Many of your company’s most valuable assets are at risk to criminal activities carried out on the Dark Web – and you don’t even know it. Turning a blind eye to this will impact your: Brand and reputation Customer loyalty[…]

25 Apr

Canada’s First Cybersecurity Law | BILL C-59 – Secure Knowledge Management SUMMARY Part 1 enacts the National Security and Intelligence Review Agency Act, which establishes the National Security and Intelligence Review Agency and sets out its composition, mandate and powers. It repeals the[…]

Contact Me

Leave a message

Urgent Enquiries

If you need to get in touch urgently, please contact my emergency helpline

Email: [email protected]

Twitter: @Naushad_Hunter

Skype: Nash_IT