| [MAGAZINE][HACKTIVITY][BUG BOUNTY]
Account [Registration]   Lab Role [Anonymous] Researcher: 538 Advisories: 674 Documents: 29 Videos: 115 Date: 19.09.2014 TZ: 17:48

[ Home ] [ Upcoming ] [ Mobile ] [ Vendor ] [ Web-Application ] [ Remote ] [ Local ] [ Websites ] [ Documents ] [ Videos ] [ ? ]

Vulnerability Lab - Researchers, Team & Representatives

A listing of our public working members. Feel free to contact us ... new ideas, creative projects, events, audits/penetration tests, bug bounty programs or famous wargames/contests/challenges. The website is only a short review of some public vulnerability laboratory members in the internal core research team.

Vulnerability Laboratory - Independent Vulnerability Database (EU)

PacketStorm Security - Vulnerability Database (UK)

Offensive Security - Full Disclosure Exploit Database (US)

SCIP CH AG - Bulletin Notification System (EU)


Public Vulnerability Research Team

Benjamin Kunz Mejri (29) is active as a penetration tester and security analyst for private and public security firms, hosting entities, banks, isp(telecom) and ips. His specialties are security checks(penetrationtests) on services, software, web applications, malware analysis, underground economy, government protection or reverse engineering, lectures, presentations and workshops about IT-security. During his work as a penetration tester and vulnerability researcher, many famous open- or closed source applications, software and services were formed more secure. In 1997, Benjamin K.M. founded a non-commercial and independent security research group called, "Global Evolution - Security Research Group".

In 2010 he founded the company "Evolution Security" and Vulnerability Lab estabished as the transparent legal european initiative for vulnerability researchers, analysts, bug bounty hunters, penetration testers and serious hacker groups. Benjamin K.M. identified 0 day vulnerabilities in well known products from companies such as DELL, AT&T, Barracuda, Mozilla, Kaspersky, McAfee, Google, Oracle, Fortinet, Microsoft, Apple, PayPal, Skype, Facebook & SonicWall. He participated in multiple bug-bounty/research/developer programs, manage interviews, solve important security jobs and joined to famous events/contests. In may 2012 Ben discovered 3 critical session vulnerabilities affecting 670 & 350 million user accounts of the skype, ms live and msn hotmail account service. Ben also provides exclusive exploitation sessions & excellent combined security talks.

[ WWW ]
[ EMAIL ]
[ PGP ]

 

Chokri B.A. (25) is a student in programming and network administration at the University of Technology and Computer Science in Tunis(Tunesia). Chokri has been worked in the security field since 2007/2008 & works very active on the arabic security scene. Chokri is specialised on in the field of penetration testing, vulnerability research, underground-economy & crypto-analysis. He is also very talented on new exploitation technics, de/encryption & web-service hacking.

  • C/C++, Perl & VB.NET
  • HTML, JS & PHP
  • Vulnerability Analysis & Research

He joined the Vulnerability-Lab Research Team in 2008 & is official part of the admin team and located in the new/free tunesian security scene. He is also a part of the contest team & navigates it. Chokri has solved & won several wargaming contests like the Tunis Security Days Contest by I&M(Gov) in 2009/2011. Chokri discovered 2011 multiple vulnerabilities in famous websites and services like TRUSTe Seals, Drupal, DIS Banking , XeroBank , International Atomic Energy Agency (IAEA), La Poste FR or USGS Gov. In 2012 Chokri was involved in the disclosure process of 3 critical microsoft skype 0day vulnerabilities. Ben Achour is well known for excellent audit sessions and stable 0day vulnerability releases.

[ WWW ]
[ EMAIL ]
[ PGP ]

 

Ibrahim M. El-Sayed (22) solved in 2012 his Bachelor of Science, in Computer Engineering on the American University of Cairo (Egypt)[AUC]. He started in 2007 finding security vulnerabilites in government web applications & military services. He is specialised on the field of web application penetration testing, vulnerability research & security videos. He is also reporting security issues in web-applications like content management systems, shops, control panels or famous software.

  • Web Application Penetration Tests
  • MacOs, Linux and Windows Server Administration
  • C & C++ Object

In 2011 to participate as final team on the ACM-ICPC International Collegiate Programming Contest. In 2011 he also solved successfully the Cairo Security Camp. In 2013 is team from egypt was under the top5 finalists of the international ATAST CTF. He joined the VL Security Research Team in March 2012 & is a stable member of the contest team. The Storm discovered in 2011 multiple critical severity vulnerabilities in web-applications like switchvox asterisk, landshop, jpm article or b2evolution. In 2012 Ibrahim El-Sayed participated multiple times successful in the PayPal Inc , AT&T & Barracuda Networks bug bounty program.

[ WWW ]
[ EMAIL ]
[ PGP ]

 

Ateeq Khan (34) is a Bachelor in computer science from Karachi University, Pakistan. He is a professional penetration tester / ethical hacker / IT Security Expert & over the past 14 years, he has been performing vulnerability assessment and penetration testing for local / international clients from around the world delivering according to the current industry standards and best methodologies.

  • Vulnerability Assessment
  • Filer Evasion & Filter Bypass
  • Vulnerability Research & Penetration Testing

Ateeq Khan is an active member of Pakistan’s infosec community and is regularly invited as a distinguished speaker at various international events including CSP’12, CSP’13, The Social Media Convention or the ICTN Asia. Ateeq has identified 0day vulnerabilities in Mozilla, Oracle Systems, Juniper, Microsoft, ESET Antivirus, Barracuda Networks, eBay, Parallels and recently became 2013 an active member of the Vulnerability Lab Research Core Team.

[ WWW ]
[ EMAIL ]
[ PGP ]

 

Ebrahim Hegazy (21) is a web penetration tester with high experience in client side attacks and over 6 years of practical knowledge in the information security field. He started his career as a linux server engineer in saudi arabian hosting company. After that, he moved to web application penetration testing. Currently, Ibrahim is information security advisor at one of the leading hosting and security companies in Egypt. He conducts advanced trainings in web, is a master of client side attacks and hosts secure infrastructures for big companies.

  • Web Application Penetration Tests (Client Side))
  • Linux Server Administration & Management & Hosting
  • PHP, ASPX & JAVA

Ebrahim also called "Zigoo" was also a speaker in CSC2012 conference and Isecur1ty pod-cast about "Cyber Warfare in the Middle East in depth". Between 2011-2013 Ebrahim identified and discovered over 100 client side and server-side vulnerabilities in diffrent vendors and products around the globe. He also got acknowledged and rewarded by many high-profile vendors, such as Google, Microsoft, Adobe, PayPal, Yahoo, Ebay, Yandex, AT&T, Barracuda and Avira.

[ WWW ]
[ EMAIL ]
[ PGP ]

 

Ismail Kaleem (25) is a web application penetration tester with experience in intrusion detection bypass and filter evasion techniques. He started his career by working for the Maldivian government as a IT Security Consultant. He has conducted greybox penetration testing for sensitive government organizations in maldives which include the central prison network, Offender Management System (Police), Government Email Management System or Trade Information System. He has expertise in the following fields ...

  • Firewalls, Virtual Firewalls and Networking
  • Web Application Penetration Testing
  • Digital Forensics

He has joined the Evolution Security Team in 2013 and started his first vulnerability releases in may 2013. He discovered several vulnerabilities in Facebook and became part of the facebook whitehat security program. In 2012 to 2013 since may ismail kaleem released several critical vulnerabilities in the Linkedin Network social network and Blackberry.

[ WWW ]
[ EMAIL ]
[ PGP ]

 

Alexander Fuchs (22) is it-system electronics. He started in 2010 finding security vulnerabilites in web applications. He is specialised on in the field of web application penetration testing, vulnerability research & security white. He is also reporting security issues in web-applications, server- and client-applications or vendor websites.

  • C/C++
  • JS, PHP & SQL
  • Web Application Penetration Tests

He joined the Evolution Security Research Team in 2010 & is stable member. He is also a part of the international contest team. Alex discovered 2011 multiple high priority vulnerabilities in the website web-applications like RTL (GamesCom Bug), Prosieben (ProSieben Stefan Raab) , La Poste FR. In march 2012 Alex got listed in the official Apple Security - Hall of Fame. In autumn 2011 Alexander had several interviews because of his discovered vulnerabilities in web infrastructures of the whitehouse & nato rto/otan webserver systems.

[ WWW ]
[ EMAIL ]
[ PGP ]

 

Ivan Montilla Miralles (24) is a security analyst who has been into the security field actively since 2005. He studies Computer Science in the New Professions Institute of Venezuela, and works as a Systems Manager for a production company. He also works for "Global Evolution" Research Team, moderating the contents of the Vulnerability-Lab. He enjoys reading about technology topics, specially those related with distributed computing and operative systems. Ivan is specialised in underground economy, vulnerability research, vulnerability analysis, documentation & management processes. Ivan M. is a ex- co-admin & moderator of the famous blackhat forums with location in south america.

He has joined the Evolution Security Research Team 2004 & is a stable researcher. He is also active in the private internal contest team & has solved several contests like "Create The Future" with the ESDP Simulation Project. He is currently learning the usage of Adobe Flex with Actionscript and MXML for the creation of Rich Internet Applications (RIA). He also does work with JS, Delphi, Basic & PHP. In 2013 Ivan had a famous interview with a venezuelan radio magazin. In 2013 Ivan had a famous live interview in karakas about it-security and cyberwar.

[ WWW ]
[ EMAIL ]
[ PGP ]

 

Sascha Gurko (33) is electronic or creative art designer & student of a famous university near koeln in germany. Sascha is one of the old generation on the hardware hacking sector. He started his work & demonstrations in 2003 & expanded it fast on an international level. In 2009-2011 he visited different art galleries, art/design event shows, presentations & traveled around schweden, moscow, berlin, & usa.

  • Cyber/Electronic Art & Design
  • Micro-Controller
  • Hardware

Sascha doesn't belong to any wargaming or research group, but is still a valuable member of the research and development teams. His trustworthy and skillful character compliment his duties and responsibilities that work as a cornerstone for hardware hacking. Sascha is also a well known by thousends of users on youtube, vimeo & hardware design scene.

[ WWW ]
[ EMAIL ]
[ PGP ]

 

[ Search ] [ News ] [ Submit ] [ Stats ] [ Team ] [ Partner ] [ Talks & Workshop ] [ Subscribe ] [ Customer ] [ Contact ] [ Impressum ]


[Statistics] [Hacktivity] [September] 8 Critical: 2 High: 2 Medium: 4 Low: 0 Best Researcher: [Ateeq Khan]

(c) EVOLUTION SECURITY