Saad A.

Co-Founder

Morocco · 1 yr 11 mos experience

Key Highlights

  • Expert in Cyber Threat Emulation and EDR Evasion.
  • Proven track record in Malware Development and Defense Evasion.
  • Author of CETP with extensive training experience.
Stackforce AI infers this person is a Cybersecurity Expert specializing in Red Team operations and Malware Development.

Skills

Core Skills

Cyber Threat Emulation, EDR Evasion, Defense Evasion, Reverse Engineering, Initial Access Tools, Malware Development, Content Development

Other Skills

EDR bypass development, advanced TTPs, adversary simulation, Reversing, Debugging, Static Detection Bypass, Code Virtualization, Rootkits, C2 Traffic Tunneling, Initial Access framework, malicious Office Macro Documents, Bypass EDR, Content Creation, Open source projects, Open-Source Development

About

Cyber Threat Emulation, EDR Evasion, Malware Development, Security Researcher, R&D

Experience

Dark space security

Founder & Security Researcher

Jul 2025 - Present · 8 mos · On-site

  • EDR bypass development and evaluation.
  • Design and weaponize advanced TTPs to create stealthy artifacts for Red Team operations.
  • Research and emulate modern adversary techniques to support realistic adversary simulation.
EDR bypass development, advanced TTPs, adversary simulation, Cyber Threat Emulation, EDR Evasion

Altered security

Author Evasion Lab (CETP)

Feb 2024 - May 2025 · 1 yr 3 mos · Singapore

  • Reversing & Debugging EDR's Internals using WinDbg & IDA Pro.
  • Static Detection Bypass using obfuscators & Code Virtualization.
  • Reversing & Exploiting R/W primitive vulnerable drivers to Remove PPL Protection, Bypass DSE, Tamper EDR (removing kernel callbacks, disabling ETW, ...).
  • Reversing & Exploiting vuln Killer drivers to kill EDR's processes.
  • Writing Rootkits that manage PPL Protection, remove EDR kernel callbacks, disable EDR's ETW Providers, kill EDR's processes.
  • C2 Traffic Tunneling over trusted channels like Slack, GitHub, ...
  • ASR rules bypass.
  • Reversing & Bypassing Sysmon.
  • and more ...
Reversing, Debugging, Static Detection Bypass, Code Virtualization, Rootkits, C2 Traffic Tunneling

Cognisys

Red Team Developer

Jun 2023 - Aug 2023 · 2 mos · Manchester Area, United Kingdom · Remote

  • Training Team staff on Malware development.
  • Blogging & Content Creation.
  • Releasing Open source projects on Malware development and Evasion.
Malware development, Content Creation, Open source projects, Malware Development, Content Development

Bodyguard.io - stop targeted phishing

Red Team Developer

May 2023 - May 2024 · 1 yr · Netherlands · Remote

  • Creating Initial Access framework that generates malicious Office Macro Documents, MSIs, HTAs, Weaponized LNKs, PE (Exe, DLL) Loaders & droppers, Containers (ISO, Zip, ...), Backdooring signed ClickOnce, WebDav mapping.
  • Bypass MOTW & Smartscreen.
  • Bypass EDR
Initial Access framework, malicious Office Macro Documents, Bypass EDR, Initial Access Tools, Defense Evasion

Hack the box

Red Team Content Developer

Jan 2022 - Jan 2023 · 1 yr · London Area, United Kingdom · Remote

  • Creating content on Malware Development and Evasion
Malware Development, Content Creation, Content Development

Education

Ecole Nationale Supérieure d'Informatique et d'Analyse des Systèmes - ENSIAS
