Security Research & Development





Web Application penetration Testing

I have conducted research on the vulnerabilities in web applications related to cybersecurity. Specifically, I have analyzed the security holes that can be exploited by cyber attackers to gain unauthorized access, manipulate data, or cause damage to a website or its users. My investigation has focused on identifying potential weaknesses in the design and implementation of web applications, as well as the technologies and frameworks used to develop them. The objective of my research is to provide insights into the best practices for securing web applications and preventing cyber attacks.To learn more about the information provided below, you can click for additional details.

I, Jamal H.Shah, have conducted the following tests remotely as a cybersecurity professional for an online education platform, Ghanimah.com, which is a sister company of Alnafi.com, Canada's largest cybersecurity company.

I have included a proof-of-concept (PoC) exploit for each of the identified vulnerabilities.


Network pentration Testing

I have conducted an investigation into the potential vulnerabilities in network penetration testing related to cybersecurity. My research has focused on identifying weaknesses that could be exploited by cyber attackers to gain unauthorized access to a network, data manipulation, or cause damage to a network and its users. I have analyzed the techniques and tools used in network penetration testing to identify potential security holes and gaps in the testing process. The goal of my research is to provide insights into the best practices for securing networks and preventing cyber attacks during penetration testing.To learn more about the information provided below, you can click for additional details.

I have included a proof-of-concept (PoC) exploit for each of the identified vulnerabilities.


Cyber Security Softwares

When conducting research, setting up cybersecurity measures for testing purposes can be difficult. The installation process is complicated, and it requires a good understanding of the system, selecting appropriate tools, making significant changes to the infrastructure, and conducting proper testing to ensure effectiveness.In order to properly run cybersecurity software during research, it is important to follow installation guidance. This guidance should include step-by-step instructions on how to install the software, as well as any additional configurations that may be required. It is crucial to ensure that the software is installed correctly and that any necessary dependencies or prerequisites are met. Running the software without proper installation can result in unexpected errors and inaccurate test results. Therefore, it is essential to carefully follow the installation guidance provided by the software vendor or cybersecurity experts.


Machine Learning

Machine learning is essential in cybersecurity during research because it provides an effective means of detecting and preventing cyber attacks. Traditional rule-based methods for detecting threats are no longer sufficient in today's complex threat landscape, where attackers can quickly adapt their tactics and techniques to bypass traditional security measures. Machine learning algorithms, on the other hand, can learn from large datasets and identify patterns that are not discernible by humans. This enables them to detect and prevent sophisticated attacks, including zero-day attacks and polymorphic malware, in real-time. Furthermore, machine learning can be used to identify anomalous behavior and detect unusual network activity, which can be indicative of a cyber attack. It can also be used to improve incident response by automating threat analysis and response, which enables security analysts to respond to threats faster and more efficiently. In addition to threat detection and prevention, machine learning can also be used to improve vulnerability management by identifying and prioritizing high-risk vulnerabilities. It can analyze network and application data to identify vulnerabilities that are likely to be exploited by attackers and prioritize them for patching. Overall, machine learning is necessary in cybersecurity during research because it enables more effective threat detection, incident response, and vulnerability management, which is critical for maintaining the security of today's complex computing environments.

Data Wrangling

Data Analysis for Network Cyber-Security focuses on monitoring and analyzing network traffic data, with the intention of preventing, or quickly identifying, malicious activity. Such work involves the intersection of statistics, data mining and computer science.

In order to effectively analyze data for cybersecurity purposes, it is essential to perform data wrangling. I have conducted research in this field to develop expertise in preparing data for cybersecurity analysis. This expertise enables me to efficiently clean, organize, and transform raw data into a usable format, which can then be utilized to identify potential threats and vulnerabilities, and to enhance the overall security posture of an organization.

Data-visualization-communication-in-R

Data visualization in R is a useful tool for cyber security research and development. R's statistical and machine learning capabilities can help researchers identify patterns and anomalies in large data sets, which can inform the development of new security measures and strategies. Additionally, R enables collaboration and sharing of research findings, accelerating innovation in the field of cyber security.

Exploratory Data Analysis

Exploratory Data Analysis (EDA) can be a valuable technique in cyber security research, as it can help researchers identify patterns and trends in large datasets related to cyber security incidents and threats.

Through EDA, researchers can identify common attack vectors, vulnerabilities, and other factors that may be contributing to cyber security risks. EDA can also help researchers identify outliers and anomalies in the data, which may indicate previously unknown threats or attack patterns.

Furthermore, EDA can be used to develop predictive models that can identify potential security threats before they occur, enabling organizations to take proactive measures to prevent attacks.
Overall, EDA can be a powerful tool in cyber security research, helping researchers to gain insights into the nature of cyber threats and identify effective strategies for mitigating these risks.

Data Science

Here is a strong link between data science and cyber security, as data science techniques can be used to enhance the effectiveness of cyber security measures.

For example, data science can be used to identify patterns of malicious activity in large data sets, enabling security professionals to detect and respond to cyber attacks more quickly and effectively. Additionally, data science can be used to develop predictive models that can identify potential security threats before they occur, allowing organizations to take proactive measures to prevent attacks.

Furthermore, data science can help improve the accuracy of intrusion detection systems and enhance the capabilities of security analytics tools. By analyzing large volumes of security data, data science can help identify emerging threats and vulnerabilities, enabling security professionals to take proactive steps to mitigate these risks. In summary, data science and cyber security are closely linked, with data science providing powerful tools and techniques that can help improve the effectiveness of cyber security measures.."

A Critical Review of Vulnerability Research for Security by Jamal H. Shah

Drafting a research paper on cyber security, focusing on enhancing web application security, which outlines the research methodology, results, and recommendations for improvement.