Ahmed Musaad

Writings of an aspiring security architect

Weekend Learning (1)

I try to spend most of my weekends learning new things or refreshing old knowledge. Most of the time I pick things that I find interesting to make sure my weekends aren’t boring or miserable.

In the interest of possibly inspiring someone to pick one of the topics I find interesting, I will share the stuff I study every weekend so others can get some resources and topics that can be helpful.

(Read more…)

Waiting for WARP

Yesterday, Cloudflare announced the public availability of WARP, their non-traditional VPN that aims to help consumers improve their network security by encrypting the connection between the users’ devices and the edge of Cloudflare’s network.

(Read more…)

Trying Apple Pay

Last week I got a new card from an awesome bank, I use it for almost every purchase mainly because it has a great categorization system that allows me to track my expenses simply and easily. One of the things their app recommended is adding my card to the Apple Wallet so I can use it for contactless payments via Apple Pay, so I did that. Surprisingly, I never used the function itself for a week or two but that change yesterday.

(Read more…)

DoH with Firefox and dnswarden

Disclaimer: DoH with ad-blocking won’t block 100% of the ads.

A week ago, Mozilla published a blog post outlining the results from experiments they have been running in regards to enabling DNS over HTTPS. At the end of their blog post, they mentioned their decision to enable DoH by default for everyone in the US starting late September. An influx of news articles and blog posts criticized Mozilla’s decision and urged the organization to rethink the possible effects it could have on users’ privacy and internet reliability and openness.

(Read more…)

Monitoring NVD Feeds using NVD-Alerts

Part of my daily job is to keep an eye on new vulnerabilities and part of that is sifting through the NIST NVD feeds. Going through those feeds can be exhausting and time-consuming as they contain a lot of information that might not be relevant to our work at all.

I wrote this script to parse the NVD Recent Feed and analyze the information extracted from it to check if a certain CVE is of interest to me or not (based on a list of terms). Once the analysis part is done, the script uses Mailgun to email me a concise message with CVE IDs which I need to check.

(Read more…)

GitHub Student Developer Pack

When  I first started my master studies two years ago, I got a student email address from my university, and while this might seem pretty standard and somewhat useless to some people, it was a milestone for me. Since the day I started my bachelor degree, I was cursing the nasty politics that resulted in my country being subjected to heavy sanctions from the US, which practically prevented IT people from doing anything productive without using a VPN, and also made the utilization of offers like the one I am writing about today a distant dream. But not to worry, I finally have a student email address, and some of my dreams are about to come true.

(Read more…)

GISEC 2016 Presentations

The Gulf Information Security Expo and Conference (GISEC) is the Middle East’s largest annual ICT event attracting top industry professionals including CIOs, CTOs, CSOs and senior management from key industries including finance, energy, telecoms, government sectors and IT.

A premier line-up of speakers and experts drive the conversation in new and strategic directions with world-leading experts and regional case studies across a range of industries and security themes.

(Read more…)

Microsoft TechNet Live Labs

Have you ever wanted to experiment with new technology just to find you don’t have the needed hardware resources to set it up and play around with it? How about trying an online service without having a credit card or a PayPal account? Don’t you just wish that you can have access to online labs where you can try all the configurations you need to learn new technical skills?

Well, look no more, you can do most of the above through Microsoft TechNet Live Labs. TechNet Live Labs are a set of virtual hands-on labs that allow everyone to experience and train on Microsoft products and technologies. You can follow guided tutorials or just wander through the environment as you like.

(Read more…)