Alaa ALThubyani

Security Researcher & Purple Team

Current interests

  • Simulating Adversary Behavior: Emulating advanced attack techniques from recent threat intelligence to test detection and response capabilities, with a focus on automating repeatable scenarios.
  • Malware & Exploit Analysis: Developing and analyzing custom malware and exploits targeting multiple operating systems to understand attack paths and system weaknesses.
  • Detection Engineering & Detection-as-Code: Focused on crafting reliable, log-based detections and embedding them into CI/CD pipelines using Detection-as-Code methodologies for scalable SOC operations.

Skills

Penetration Testing

  • Experienced in conducting penetration testing on various targets and domains:
    • Skilled in network and web application security testing and reporting
    • Familiar with various tools and frameworks for vulnerability assessment and exploitation

Red Team

  • Expert in performing red teaming and adversary simulation exercises:
    • Capable of evading antivirus and other security solutions
    • Experienced in active directory attacks and cross-domain attacks
    • Capable of developing and deploying custom malware and payloads

Log Management

  • Experienced in working with logs and SIEM solutions:
    • Skilled in ELK stack and other log management tools
    • Familiar with the logic and architecture of SIEM systems

Blue Team

  • Capable of performing blue team tasks and responsibilities:
    • Skilled in identifying and mitigating vulnerabilities in systems and networks
    • Capable of analyzing and interpreting logs from various sources and platforms, such as auditd, Apache, MySQL, Sysmon, IIS, and native Windows logs

Programming

  • Strong background in programming and code review:
    • Highly proficient in Python, Java, C, C#, Assembly, PHP, and JavaScript
    • Experienced in developing malware and other offensive software
    • Familiar with web development and software engineering concepts and tools

Infrastructure

  • Knowledgeable in building and managing infrastructure for various purposes:
    • Skilled in virtualization, Docker, Terraform, Puppet, Bolt, Ansible, and other DevOps technologies
    • Experienced in building red teaming infrastructure and attack simulation labs

Work Experience

Technology Control Co. (SA, Riyadh)

Principal SOC Research Consultant

Feb 2023 — Ongoing

KPMG Saudi Arabia (SA, Riyadh)

Sr. Cyber Security Consultant (PT & RT)

Oct 2022 — Jan 2023

KPMG Saudi Arabia (SA, Riyadh)

Cyber Security Consultant (PT & RT)

May 2021 — Sep 2022

The General Authority of Meteorology and Environment Protection (SA, Jeddah)

Cyber Security Incident Responder & Investigation Officer

Dec 2017 — Mar 2019

The General Authority of Meteorology and Environment Protection (SA, Jeddah)

IT Specialist

May 2017 — Nov 2017

Enaya Care International Company (SA, Jeddah)

System Developer

Apr 2017 — May 2017

Education

University of Birmingham (UK, Birmingham)

MSc in Cybersecurity

2019 — 2020

King Abdulaziz University (SA, Jeddah)

BSc in Computer Science

2011 — 2016

Certifications

OffSec Certified Expert 3 (OSCE3)
Dec 2024
OffSec Exploit Developer (OSED)
Dec 2024
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
May 2024
OffSec Experienced Penetration Tester (OSEP)
Mar 2023
eLearnSecurity Certified Penetration Tester eXtreme (eCPTXv2)
Mar 2023
Offensive Security Web Expert (OSWE)
Apr 2022
Certified Red Team Expert (CRTE)
Jul 2021
Certified Red Team Professional (CRTP)
Mar 2021
eLearnSecurity Web Application Penetration Tester eXtreme (eWPTXv1)
Jun 2020
eLearnSecurity Certified Professional Penetration Tester (eCPPTv2)
Jul 2019
eLearnSecurity Junior Penetration Tester (eJPT)
Feb 2019

Last update: 08.08.2025