I'm Mohamed Mostafa Ali, a Computer Science student specializing in Cybersecurity at the Arab Academy for Science, Technology & Maritime Transport (GPA: 3.54/4.0). Passionate about threat analysis and automation, I've interned at CIB and NBE, gaining hands-on IT and teamwork experience. My projects include malware analysis, threat modeling, and cloud-based red teaming labs, using tools like MITRE ATT&CK, Docker, and Terraform.
Certified in Security+, eJPT, and CCNA, I excel in SOC operations, scripting (Python/Bash), and network security. Ranked in TryHackMe's top 2%, I thrive in problem-solving and fast-paced environments. Fluent in English and Arabic, I combine technical skills with strong communication and adaptability.
I aim to build secure systems and contribute to cybersecurity innovation. Let's connect and collaborate!
University Financial System Threat Modeling and Security Testing Using MTM 2016
Conducted comprehensive threat modeling for a university's financial system
Focused on securing Kerberos-based authentication
Designed a Data Flow Diagram (DFD) and identified 113 threats, 85% of them mitigated
Developed attack tree validated against MITRE ATT&CK framework
System Performance Monitor Project with Bash and Docker
Developed containerized system monitoring script using Docker
Provides dynamic and efficient performance insights
Monitors system metrics and displays real-time statistics
Utilizes shell scripting and container orchestration techniques
Overcame challenges related to runtime configurations
Ensured compatibility with modern GPU-based environments
Self-Initiated Sliver C2 & Botnet Small Lab: Cloud-Based Red Teaming
Built cloud-based red teaming practice lab using Azure and Terraform
Experimented with infrastructure as code (IaC) and automated deployments
Lab consists of a C2 machine and a botnet of two compromised VMs
Utilized Sliver framework for command and control
Analyzed traffic using Wireshark for C2 communications insight
Gained hands-on experience in post-exploitation and lateral movement
Self-Initiated Cloud-Based SSH Honeypot with AbuseIPDB Integration
Developed low-interaction SSH honeypot deployed on Azure using Terraform
Designed to log unauthorized access attempts and analyze attack patterns
Integrated AbuseIPDB with the SSH honeypot tool Pshitt
Provides real-time IP reputation checks and automated reporting
Detailed logging of attack sources, credentials, and metadata
TuxTrace – Forensic Artifact Generation Tool
Built Python-based tool to simulate activity for multiple users
Each user has unique profiles generating realistic forensic artifacts
Generates .bashrc, .bash_history, auth.log, /tmp files, and cron jobs
Dockerized for easy deployment in training and forensics labs
⭐ ExeRay – AI-Powered Malware Detection (most starred and forked of my projects)
Developed machine learning system to detect malicious .exe files
Analyzes static features (entropy, imports, metadata)
Combines Random Forest and XGBoost models with heuristic rules
Provides fast, accurate classification
Reduces reliance on signature-based detection
Presented the ExeRay scientific research paper at the 9th International Undergraduate Research Conference (IUGRC 2025), held at the Military Technical College (MTC), Cairo, Egypt.
The full academic paper (PDF) is included in the repository under the assets/ folder: ExeRay Paper.pdf