Scribd
Upload
9 views5 pages

Walied Assar - Feb - 2025

Walied Assar is an experienced cybersecurity professional with over 11 years in various domains including vulnerability research, malware analysis, and incident response. He has a strong programming background and has contributed to multiple CVEs, as well as published works in the field. Currently, he leads a research lab focused on binary vulnerability R&D while mentoring junior researchers.

Uploaded by

wassarkas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
9 views5 pages

Walied Assar - Feb - 2025

Walied Assar is an experienced cybersecurity professional with over 11 years in various domains including vulnerability research, malware analysis, and incident response. He has a strong programming background and has contributed to multiple CVEs, as well as published works in the field. Currently, he leads a research lab focused on binary vulnerability R&D while mentoring junior researchers.

Uploaded by

wassarkas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

CV / Resume – WALIED ASSAR

Full Name: WALIED ASSAR


Address: Ashmoun, Monofiya, Egypt, 32817.
Mobile: +20 1110777940
Whatsapp: +65 83500655
E-mail: [email protected]
InfoSec blogs:
http://waleedassar.blogspot.com/
https://malwaremiddleeast.blogspot.com
Github: https://github.com/waleedassar
Twitter: @waleedassar

Introduction

Getting to work with everything related to Information Security and Reverse Engineering, pursuing
perfection in every tiny technical aspect of the field, and learning for the sake of learning.

Leadership experience, with initiative to prevent and solve problems. Ability for analysis and
decision making.

11 years of extensive experience in:

● Vulnerability Research
● Reverse Code Engineering
● Low-Level System Programming
● Malware Analysis
● Security Incident Response
● Forensic Analysis / DFIR
● Compromise Assessment
● Web Application Security
● Red Teaming and Advanced Attack Techniques Emulation

Programming:

● C, C++
● x86 Assembly, x64 Assembly, Arm.
● MSIL, C#
● Visual Basic,VBA,VBScript.
● PHP, Python.

CV / Resume – WALIED ASSAR

● Java, JavaScript,, HTML


● Batch, PowerShell

Achievements & publications

● Some of the discovered vulnerabilities CVEs: CVE-2019-1391, CVE-2012-6558,


CVE-2020-1116, CVE-2020-1072, CVE-2020-1237, CVE-2020-1241,
CVE-2020-17035, CVE-2021-1656, CVE-2021-1699, CVE-2021-24098,
CVE-2021-31184, CVE-2021-41335, CVE-2022-24455, CVE-2022-24483
● Referenced in the Malware Analysis Book The Antivirus Hacker's Handbook. ● Malware
Analysis of all malicious samples belonging to multiple targeted attack groups, some of
them later came to be known in the community as Desert Falcons and MoleRats with
myself being the first to handle and report in the whole community.

Tools:

● WinDbg (32-bit & 64-bit), Kd, NTSD, LiveKd, KdNet.


● OllyDbg, x64Dbg.
● IDA Pro, IDA Decompiler, dotPeek, Reflector.
● Visual Studio, Macro Assembler (Masm) , WDK, Eclipse.
● Hyper-V, VMWare, vSphere, Virtual PC, VirtualBox, Parallels, Bochs, Qemu.
● Hex/PE Editors, CFF Explorer, Hiew, Stud_PE.
● Volatility, Yara, WireShark, Fiddler.
● PaloAlto Firewall, WildFire, STRM, SRX, FireEye (NX, MX, FX),SourceFire, LanSweaper,
Bit9, CarbonBlack, InfoBlox, NexThink

Languages: English (Professional), Arabic (Native).


Professional Experience

Secunia Copenhagen Area, Denmark


Security Specialist (2010 – 2011: 11 Months)

● Confirming public reports for web application vulnerabilities (PHP, ASP, ASP.Net, etc) and
writing their advisories.
● Writing advisories for various Linux distributions & embedded devices.

Fircroft Qatar LLC Doha, Qatar (December 2013 – July 2018)


Malware Analyst / Senior Software Security Engineer / Senior SOC Analyst

● Leading Incident response initiatives


● End to end Security Operation activities to protect the network perimeter and all endpoints
● Forensic analysis for targeted attacks and insiders detection
● Development of tools to ease and automate daily tasks for the security team ●
Finding attack patterns in the current environment and the whole region and creating

CV / Resume – WALIED ASSAR

preemptive rules/policies accordingly to make sure the team is always one step ahead of the
attack groups
● Multiple red teaming operations while testing rules/policies
● Started a malware farm (in VM environments) to study all the code paths and also for
distracting and delaying the attackers. This has helped the organization’s security
exponentially
● Provide technical talks on advanced Security subjects and mentor junior members

Kaspersky Lab MENA Senior Security Researcher - (August 2018 - August 2019)

As a member of the Global Research and Analysis (GREAT)Team, my main duty was doing
threat intelligence of specific Middle-East-based APT groups (E.g. Muddy Water).

This included analyzing samples collected from VirusTotal, customers, and multiple other
sources, creating rules and signatures, collecting all possible IOCs/TTPs, and writing private
reports for customers, and technical write-ups one the company website.

Independent Windows Security Researcher/Bug Hunter/APT Researcher - (August 2019–


January 2022)

● Coding my own fuzzers for ntoskrnl.exe and win32k.sys syscalls


● Coding my own fuzzers for kernel driver routines
● Coding my own fuzzers for user-mode COM/RPC/LPC interfaces
● Reversing windows kernel functions to assist fuzzing
● Continuous coverage updates for my fuzzers
● Analyzing hundreds of windows kernel-mode and user-mode crash dumps, tracking bug root
causes
● Responsible disclosure for found bugs/vulnerabilities
● Bug/vulnerability write-ups

Ensign Infosecurity, Singapore

Senior Cybersecurity Researcher (January 2022– November 2023)

● Exploit analysis and Advanced malware reversing.

● Source code review for open source projects.

●​ Make security architecture recommendations that will improve security programs/posture


●​ Mentoring a team of fresh graduates elevating them to the level of finding zero-days.

Head Of ZainTeam Research Lab - (September 2024–Present)

● Lead and manage a team of 4 security researchers and developers in binary vulnerability R&D.
● Oversee the planning, execution, and completion of research projects, ensuring adherence to
timelines and budgets.
● Develop and implement research strategies and methodologies to achieve project goals.
● Mentor and guide junior researchers, providing support for their professional development and
career progression.

You might also like