Khalil Nacef

Experience

• 

  Tunisian Travel Service

  Jul 2021 - Sept 2021

  CyberSecurity Student

  -Web Application Penetration Tester Performing Web Application Penetration Testing (WAPT) . The tests were carried out following the OWASP guidelines .

• 

  TRUSTABLE - To be able to trust

  Sept 2022 - Feb 2024

  Cyber Security Consultant

  • Participation in a global vulnerability assessment for several France based clients by Conducting scenario based internal pentests in different countries• Penetration testing fat client / virtualization (Citrix)• Web/Mobile application penetration tests• Internal pentest.• Penetration testing of thick client application• Social Engineering and Awareness: Developed and executedspear-phishing simulations• Security Controls and Mitigation: Applied offensive security techniques to test effectiveness of controls• Reporting and Analysis: Assisted in developing remediation strategies Show less

• 

  TEK-UP

  Sept 2023 - Jun 2024

  Cyber Security Instructor

  Windows Internals:-Explore the inner workings of the Windows operating system.-Understand the kernel mode and user mode components.-Delve into processes, threads, memory management, and system calls.-Cover key concepts such as the Windows Registry and file systems.Active Directory:-Provide a comprehensive understanding of Active Directory (AD) architecture.-Explain the roles of domain controllers, forests, domains, and organizational units.-Cover user and group management, permissions, and group policies.-Discuss AD replication, authentication mechanisms, and trust relationships.Penetration Testing:-Teach the principles and methodologies of penetration testing.-Cover the various phases: reconnaissance, scanning, enumeration, exploitation, and post-exploitation.-Highlight common penetration testing tools and techniques.-Emphasize the importance of ethical hacking and responsible disclosure. Show less

• 

  Eximia Engineering GmbH

  Jun 2024 - now

  Penetration Tester

  • Conducting automotive offensive security operations for leading global brands involves pentesting embedded systems, reverse engineering, and securing communication protocols