Mohamed Mostafa Ali

  • I'm Mohamed Mostafa Ali, a Computer Science student specializing in Cybersecurity at the Arab Academy for Science, Technology & Maritime Transport (GPA: 3.54/4.0). Passionate about threat analysis and automation, I've interned at CIB and NBE, gaining hands-on IT and teamwork experience. My projects include malware analysis, threat modeling, and cloud-based red teaming labs, using tools like MITRE ATT&CK, Docker, and Terraform.
  • Certified in Security+, eJPT, and CCNA, I excel in SOC operations, scripting (Python/Bash), and network security. Ranked in TryHackMe's top 2%, I thrive in problem-solving and fast-paced environments. Fluent in English and Arabic, I combine technical skills with strong communication and adaptability.
  • I aim to build secure systems and contribute to cybersecurity innovation. Let's connect and collaborate!

Projects (Chronological Order - Oldest First)

University Financial System Threat Modeling and Security Testing Using MTM 2016

  • Conducted comprehensive threat modeling for a university's financial system
  • Focused on securing Kerberos-based authentication
  • Designed Data Flow Diagram (DFD) and identified 113 threats with 85% mitigation
  • Developed attack tree validated against MITRE ATT&CK framework

System Performance Monitor Project with Bash and Docker

  • Developed containerized system monitoring script using Docker
  • Provides dynamic and efficient performance insights
  • Monitors system metrics and displays real-time statistics
  • Utilizes shell scripting and container orchestration techniques
  • Overcame challenges related to runtime configurations
  • Ensured compatibility with modern GPU-based environments

Self-Initiated Sliver C2 & Botnet Small Lab: Cloud-Based Red Teaming

  • Built cloud-based red teaming practice lab using Azure and Terraform
  • Experimented with infrastructure as code (IaC) and automated deployments
  • Lab consists of C2 machine and botnet of two compromised VMs
  • Utilized Sliver framework for command and control
  • Analyzed traffic using Wireshark for C2 communications insight
  • Gained hands-on experience in post-exploitation and lateral movement

Self-Initiated Cloud-Based SSH Honeypot with AbuseIPDB Integration

  • Developed low-interaction SSH honeypot deployed on Azure using Terraform
  • Designed to log unauthorized access attempts and analyze attack patterns
  • Integrated AbuseIPDB with SSH honeypot tool Pshitt
  • Provides real-time IP reputation checks and automated reporting
  • Detailed logging of attack sources, credentials, and metadata

TuxTrace – Forensic Artifact Generation Tool

  • Built Python-based tool to simulate activity for multiple users
  • Each user has a unique profile that generates realistic forensic artifacts
  • Generates .bashrc, .bash_history, auth.log, /tmp files, and cron jobs
  • Dockerized for easy deployment in training and forensics labs

ExeRay – AI Powered Malware Detection

  • Developed machine learning system to detect malicious .exe files
  • Analyzes static features (entropy, imports, metadata)
  • Combines Random Forest/XGBoost AI models with heuristic rules
  • Provides fast, accurate classification
  • Reduces reliance on signature-based detection

Certificates


Contact Me