Hi, my name is

Shahzeb Ali.

I secure digital frontiers.

I am a Cybersecurity Analyst and Penetration Tester based in Abu Dhabi. I specialize in bridging the gap between Blue Team defense and Red Team offense to build resilient security postures for UAE enterprises.

Check my work
Shahzeb Ali - Cybersecurity SOC Analyst in Abu Dhabi

About Me

Hello! I'm Shahzeb, an entry-level SOC Analyst with a Bachelor's in Computer Science from Lahore Garrison University. My journey in cybersecurity is driven by a curiosity for how systems break—and how to forge them stronger.

I have hands-on experience in incident triage, log analysis, and executing offensive security assessments. I don't just watch the alerts; I understand the attack vectors behind them to protect data integrity.

Here are a few technologies I've been working with recently:

  • Splunk & ELK Stack
  • Metasploit & Nmap
  • Python & Bash
  • Wireshark
  • Cortex & TheHive
  • MITRE ATT&CK Framework

Certifications

  • SOC L1 (TryHackMe)
  • CyberSecurity 101
  • Pre-Security (TryHackMe)
  • Linux 100: Fundamentals (TCM Security)
  • Python (Codedex)
  • Bash Scripting (CodeAcademy)

Technical Arsenal

Blue Team Operations

Proactive monitoring and threat mitigation utilizing industry-standard SIEM and EDR solutions.

Incident Triage Splunk MS Sentinel TheHive Cortex Phishing Analysis

Red Team Tactics

Simulating adversary behaviors to identify vulnerabilities before they can be exploited.

Penetration Testing Nmap Burp Suite Metasploit Hydra OWASP Top 10

Network & Systems

Deep understanding of the infrastructure that supports—and exposes—modern enterprises.

TCP/IP Pyramid of Pain Linux CLI Windows Internals Active Directory DNS/HTTP

Security Engagements

Independent Security Researcher | Yes WeHack

Bug Bounty Hunting

November 2025 - Present

  • Conducted black-box security testing on various web applications, focusing on critical OWASP Top 10 vulnerabilities like Broken Access Control and IDOR.
  • Successfully uncovered and reported a logic vulnerability in a major music streaming platform (Deezer), resulting in a patch and bounty reward.
  • Utilized Burp Suite to intercept and analyze HTTP traffic, identifying discrepancies between client-side controls and server-side validation.
YesWeHack Bug Bounty Reward Confirmation
Bug Bounty Web App Security Burp Suite Logic Vulnerabilities

Enterprise Phishing & Data Exfiltration Simulation

TryHackMe Investigation

December 2025

  • Conducted a full-lifecycle investigation of a compromised endpoint, reconstructing the Cyber Kill Chain.
  • Analyzed Sysmon logs to detect "Living off the Land" (LotL) tactics, distinguishing malicious Robocopy use from benign noise.
  • Identified advanced activities including network reconnaissance via PowerView and stealthy data theft via DNS Tunneling.
Sysmon Forensics MITRE ATT&CK

Mastercard Cybersecurity Experience

Forage Job Simulation

December 2025

  • Served as an analyst on the Security Awareness Team to identify and report phishing threats.
  • Analyzed business areas requiring robust security training and implemented new procedural safeguards.
Phishing Defense Security Awareness Risk Analysis

Hover To Decrypt System Access

What's Next?

Get In Touch

I am currently based in Abu Dhabi and actively seeking opportunities in SOC Analysis and Penetration Testing. Whether you have a question or just want to say hi, I'll try my best to get back to you!

Say Hello

+971 58 611 2232

shahzeb@shahsmen.com