Syed Muhammad Sajjad Hussain

Academic

Verbatim text

ayn
Syed Muhammad Sajjad Hussain
+923351459661, sajjadbukhari092@gmail.com
Sultan Pura, Lahore
LinkedIn: https://www.linkedin.com/in/sajjad-bukhari-20915321a/
[Education
Bachelor of Science (Cyber Security) 2023
Major: Digital Forensics, Information Security, Number Theory and Cryptography, Cloud Security,
ulnerability Assessment & Reverse Engineering, Malware Analysis, Blockchain, Secure Software
Design, Information Assurance, Security Operations and Administration.
Punjab College of Information Technology, Lahore, Punjab 2019
ICS (Physics, Computer, Mathematics)
VARS High School, Lahore, Punjab 2017
Matriculation (Physics, Chemistry, Biology)
Projects
Final Project: inThreat Raider
‘A web-based Cyber Threat Intelligence Platform that gathers, monitors as well as processes the data, flowing through
the organization’s devices to detect and flag any possible threat.
Semester Projects:
In-browser Crypto-Jacking Detection:
Successful detection using Hybrid Malware Analysis with customized dataset, comprising of 23000+ records
Web Reverse Engineering:
Bwapp (vulnerable web application) was reverse engineered using Penetration Testing techniques.
Detection of Impersonated Attacks over Web Applications:
mpersonated attacks over web applications were detected using user profiling technique.
Work Experience
Intern, Protect Lab Feb 2023 — Present
Creating employee focused cybersecurity training modules as a part of funded project.
Served as teaching assistant for diverse courses i.e. Cloud Computing, Information Feb 2023 — June 2023
Served as lab demonstrator for Programming Fundamentals
Skills & Tools
Professional Skills | Leadership, Decision Making, Communication, Operation Management
Technical Skills (C++, Python, Kali Linux, Malware Analysis, OSINT, Penetration Testing, Cloud Technology
Achievements
‘Attained 7.0 bands in IELTS in Dec, 2022 NaSCon’23 CTF — 2" Runners Up
Finalist NaSCon’22 Cybersecurity Quiz Competition — Winner
Trainings / Certification
AWS Certified Cloud Practitioner
Oracle Certified Foundations Associate
(Certified in Cybersecurity — (ISC)?
Currently Training for — eJPTv2 by INE and CCD by Cyberdefenders
Activities
dvisor — FAST Blockchain Society
Deputy Secretary for Auditorium Management & Ceremonies - NaSCOn’22
e Received “NaSCon’22 President’s Choice Award” for my services
FINAL YEAR PROJECTS
A Modern Intrusion Detection System
With the increasing number of cyber-attacks, the need for a robust intrusion detection system has
become paramount. The main motivation behind the development of our intrusion detection
system was to detect any anomalous activity in network traffic and reduce the time of detection so
that organizations can mitigate cyber-attacks in a timely and effective manner. Our primary goal
was to develop a modern intrusion detection system that can help organizations detect and prevent
network and web attacks in a short span of time. Our system utilizes both static rule-based and
machine learning-based approaches for detection of common attacks like SQL injection, cross-site
scripting, cross-site request forgery, and port scanning. The system is highly modular, allowing for
easy introduction of new modules in just minutes.
Features include:
- Static rule-based as well as Machine Learning Based Anomaly detection
- Real Time alerts and alarms generation
- A Beautiful dashboard for providing insights to Security Engineer
- Dataset updated after every Al Anomaly detection
Group Members
EAGLE EYE
Technology Used:
C++,Python,SqIDB,Html, CSS,Javascript
Supervisor Name:
Mr. Jawad Hassana
Group Members:
Awais Sajid (i19 - 1965)
Ammar Asim (119-1969)
Talha Ahmad (i19 - 1692)
ayn
he
AWebDOST
Project Name: AWebDOST (Automated WebApp Dynamic OWASP Security Tester)
Project Objective: AWebDOST is an automated web application security testing tool designed to detect
vulnerabilities in web applications, with a focus on ensuring compliance with a substantial segment of
OWASP Top 10 vulnerabilities. The project aims to provide a comprehensive and reliable solution for
detecting security vulnerabilities in web applications, enabling organizations to experience peace of mind
and enhanced security.
AWebDOST leverages the Selenium framework to automate web application testing, enabling efficient and
accurate vulnerability detection.
Architecture flow:
1. URL Submission
2. Crawling
3. Parsing
4. Testing
5. Report Generation
Vulnerability Categories Covered:
1. Authentication Vulnerabilities
HTTP Header Configurations
OS Command Injection
SQL Injection
Client Side Scripting
LDAP
HTTP Header Injection
Information Disclosure
oS ow Se NS
Architecture
Technology Used:
NextJS, Django, Selenium , SQLite , Python
Supervisor Name:
Dr. Muhammad Asim
Group Members:
Umer Javed (i19 - 1650)
Muhammad Noman llyas (i19 - 1671)
Technologies
Azeem Siddique (i19 - 1952)
F ITER & EMERGIN ENCE: =
Browser Security Extension
Internet has proven to be a great resource to its users. Browsing on internet is simple, but it can
also harm the user if he does unattended browsing. To prevent the user from getting tangled up
in security threats or viruses online, he/she requires some security extensions or antiviruses. The
browser consists of numerous browser extensions present online, but not all resonate with the
users’ needs. Specific security tools provide specific operations, designed for specific types of
users like gamers, web designers or writers, etc. Or the user might need to install different or
numerous security extensions for different security purposes. So we ensure to provide the user
with a chrome extension that provides different security services to the users all in a single
extension, such as preventing him from visiting or downloading any unsafe link, preventing him
from getting tracked or he may not get phished by any scammer. Also, checking for any redirected
shortened links coming from attacker or unsafe domains.
Browser safety extension providing users a secure surfing experience [HTML, CSS, Javascript,
Python, Selenium]: A chrome extension protecting and warning its users from most malicious
harmful attacks and trickery out there on the internet by detecting malicious links on hover,
blocking trackers and detecting phishing links on hover
Technology Used:
HTML, CSS, JavaScript, Python, Selenium.
Supervisor Name:
Dr. Muhammad Asim
(Co) Sara Afzal
Group Members:
Nabeeha Faisal (119-2174)
Amna Amin (119-1682)
ple Se
BSafe - Cybersecurity LMS
BSafe is a Cybersecurity Learning Management System, that uses the technique of "Immersive
Learning" to educate users of Social Engineering Attacks and their preventions to be safe.
Targeted Audience:
1. Students
2. Non-technical Audience
Features include:
1. Training Videos: Videos containing explanations of different Social Engineering attack
vectors like Phishing, Impersonation, Scarewares etc.
2. Immersive Lab Environments: Clones of common Social Platforms like Facebook, Gmail,
Ecommerce Site etc, integrated with attacks for user hands on and training.
3. Attack Explanation: Explanation of the attack encountered by the user, its occurrence and
the mistake of the user that triggered the attack.
4. Attack Mitigation Techniques: Documents and reference links to educate users of possible
countermeasures and proactive techniques to prevent Social Engineering Attack and to
actively respond to it.
5. User Assessment: User Assessments to ensure effective user learning and to give a
competitive environment to users.
Technology Used:
MERN Stack, Python, Flask, Visual Code Studio,
Animaker - Video Designer
Supervisor Name:
Dr. Zainab Abaid
Group Members:
Huma Ahmed (i19 - 1761)
Sohaib Haroon (i19 - 1985)
Hakim Ali (i19 - 2032)
Cyber Security Learning Platform
A cyber security learning platform similar to corsera or udemy but with added feature of cloud
deployable practice labs similar to try hack me. An all in one solution that includes theory as well
as a practical testing component. Topics and courses can be added b

AI enrichment