Ali Khafagy

Software Engineer

6th of October, Al Jizah, Egypt2 yrs 8 mos experience
Most Likely To SwitchAI Enabled

Key Highlights

  • Over three years of experience in penetration testing.
  • Significant bug bounty discoveries for global organizations.
  • Passionate cybersecurity instructor mentoring future talent.
Stackforce AI infers this person is a Cybersecurity Specialist with a focus on Offensive Security and Vulnerability Management.

Contact

LinkedIn

Skills

Core Skills

Penetration TestingVulnerability AssessmentSecurity TrainingSecurity OperationsNetwork Security ImplementationNetwork DesignLog AnalysisWeb Application SecurityDigital Forensics

Other Skills

Active DirectoryPresentationsWireshark AnalysisSecurity Information and Event Management (SIEM)IPSIDSInternet of Things (IoT)Computer ArchitectureInformation SystemsComputer NetworkingTenable NessusSplunkReverse EngineeringOWASPSoft Skills

About

Proactive Offensive Security Engineer with over three years of professional experience in penetration testing and four years of active bug bounty research. I specialize in Web, Mobile, API, and Network security, with solid experience in Active Directory attack chain simulations. My journey in cybersecurity has been driven by a relentless pursuit of vulnerabilities, leading to significant discoveries in global organizations. I combine a researcher’s mindset with an engineer’s technical depth to secure complex infrastructures. Technical Expertise: - Offensive Security: Web/App Penetration Testing, Mobile Security (Android/iOS), Active Directory Exploitation (Kerberoasting, DCSync, Lateral Movement). - Vulnerability Management: Qualys VMDR, Nessus, CIS Benchmarks, and Authenticated Scanning. - R&D & Automation: Developing custom offensive tools (e.g., BashBard) using Python, Bash, and AI Integration. Bug Bounty Achievements: I have discovered valid and duplicated vulnerabilities in notable organizations such as: Nokia, Coca-Cola, IBM, LinkedIn, Airbnb, AT&T, Compass, IKEA, BugBountySA and more Knowledge Sharing: I am passionate about bridging the gap between theory and practice. As a Cybersecurity Instructor, I mentor the next generation of talent, and I actively share methodologies and insights on my technical blog (5afagy.github.io). Current Focus: Expanding my research into AI-driven Red Teaming and advanced Active Directory offensive techniques.

Experience

2 yrs 8 mos
Total Experience
1 yr
Average Tenure
1 yr 5 mos
Current Experience

Konecta

Cyber Security Instructor

May 2025Aug 2025 · 3 mos · New Cairo North Teseen 217, 3rd floor 11865 Cairo, Egypt · Hybrid

  • Taught cybersecurity fundamentals, covering network, web, and mobile testing.
  • Introduced practical security testing and bug hunting concepts during hands-on sessions.
  • Helped students understand how real-world security testing works.
Security Training

Cyber force

Offensive Security Engineer

Dec 2024Present · 1 yr 5 mos · Cairo, Egypt · On-site

  • Conducting Web & Network Penetration Testing to identify and mitigate security vulnerabilities.
  • Performing Vulnerability Assessments to analyze risks and provide remediation plans.
  • Implementing CIS benchmarks to enhance security compliance.
  • Executing Active Directory Penetration Testing to identify and mitigate domain-level security threats.
Vulnerability AssessmentPenetration TestingActive Directory

Amit learning

Cyber Security Instructor

Sep 2024Jan 2025 · 4 mos · Cairo, Egypt · Hybrid

  • Train students in cybersecurity fundamentals and hands-on security practices.
  • Provide mentorship and career guidance in offensive and defensive security.
PresentationsSecurity Training

All safe

Cyber Security Engineer

Apr 2024Dec 2024 · 8 mos · Cairo, Egypt · Hybrid

  • Defensive: Building security infrastructures and utilizing open-source SIEM for log monitoring, XDR, WAF, IDS, IPS, and firewalls (both open-source and commercial).
  • Offensive: Testing software to detect vulnerabilities and providing developers with mitigation strategies.
Wireshark AnalysisPenetration TestingSecurity Information and Event Management (SIEM)Security OperationsIPSIDS

Fixed solutions

SOC Analyst

Nov 2023Dec 2023 · 1 mo · Remote

  • Security Concepts: Acquired foundational knowledge in cybersecurity principles.
  • SIEM Solutions: Hands-on experience with Splunk and basic SIEM functionalities.
  • Log Analysis: Applied skills in parsing and analyzing logs for threat detection.
  • Skill Development: Continuously improved proficiency in security tools and procedures.
  • Vulnerability Assessment: Participated in basic vulnerability assessment processes to identify and address potential weaknesses.
Vulnerability AssessmentTenable NessusLog AnalysisSplunk

Culture and science city

Teaching Assistant

Sep 2023Aug 2024 · 11 mos · 6th of October, Al Jizah, Egypt · On-site

  • Led engaging lectures, creating an interactive learning atmosphere.
  • Conducted practical tutorials on IoT, Network, Database, and Computer Architecture topics.
  • Contributed to course development, improving the overall curriculum.
  • Provided personalized guidance to students for a better grasp of course materials.
  • Collaborated with faculty on projects, promoting teamwork and knowledge sharing.
Network DesignPresentationsInternet of Things (IoT)Network Security ImplementationComputer ArchitectureInformation Systems+1

National telecommunication institute (nti)

Advanced Cyber Security Trainee

Jul 2023Oct 2023 · 3 mos · Nasr city · On-site

  • Courses included:
  • Linux Red Hat Administration | & ||
  • Network Security
  • Cyber Ops Associate
  • Python for Security
  • Business Skills Modules:
  • Soft Skills training.
  • Business English.
  • Project Management.
  • Freelancing.
Wireshark AnalysisPresentations

Cybertalents

Cyber Security Bootcamp

Jul 2022Sep 2022 · 2 mos · Remote

  • Web Security: Covered confidentiality, integrity, directory brute-force, OWASP TOP 10, XSS, directory traversal, sensitive data exposure, Burp Suite, and injection.
  • Digital Forensics: Explored analysis tools, steganography, network tools, and memory forensics.
  • Reverse Engineering: Introduced reverse engineering and x86 assembly.
Wireshark AnalysisPenetration TestingDigital ForensicsWeb Application SecurityReverse EngineeringOWASP+1

Raya international services

Call Center Agent

Apr 2021Jun 2021 · 2 mos · 6th of October, Al Jizah, Egypt

  • Handling incoming and outgoing customer calls to the organization, handling account inquiries, customer complaints or support issues.
Soft SkillsCommunication

Education

Culture and Science City

Bachelor's degree — Computer Science

Jan 2019Jan 2023

Stackforce found 100+ more professionals with Penetration Testing & Vulnerability Assessment

Explore similar profiles based on matching skills and experience

Pranay Shah

Pranay Shah

Staff Product Manager

at Harness

Bengaluru, India11 yrs 6 mos exp
DevSecOpsSupply Chain SecurityVulnerability Management
Akshatha M

Akshatha M

Senior Lead Information Security Business Analyst

at NXP Semiconductors

Bengaluru, India9 yrs 8 mos exp
Application SecurityCyber Risk ManagementGovernance, Risk Management, and Compliance (GRC)Project ManagementThird Party Risk Management (TPRM)
Mohit Soni

Mohit Soni

Founder & Senior Information Security Analyst

at Lancer InfoSec

India2 yrs 10 mos exp
Red Team OperationsPenetration TestingSecurity Assessments
Akash Singh

Akash Singh

Security Consultant

at Emirates NBD

Dubai, United Arab Emirates3 yrs 10 mos exp
Information Security
Deepak Saini 🇮🇳 🕉️ 🚩

Deepak Saini 🇮🇳 🕉️ 🚩

Founder of Hacksentrypro

at Hacksentrypro

Jaipur, India5 mos exp
CybersecurityEthical Hacking
Nitin Bhamare

Nitin Bhamare

Senior Security Engineer

at GoDaddy

Thane, India10 yrs 10 mos exp
SS

SOUMYA SWARUP

Associate Product Specialist

at WhizHack Technologies

Gurugram, India2 yrs 2 mos exp
Customer Engagement
Karan Bhatt

Karan Bhatt

Engineer- Security [Consultant]

at Ajaib

Bengaluru, India3 yrs 9 mos exp
Application SecurityCloud SecurityPenetration TestingVulnerability Management