• Conceptualized and developed Narrowlink as a remote access tool, considering zero-trust network access principles.• Engineered robust mechanisms for traversing NATs and firewalls, facilitating direct peer-to-peer communication using the QUIC protocol.• Integrated advanced security features, including end-to-end encryption and authentication using XChaCha20-Poly1305 and HMAC-SHA256.• Utilized Rust programming for its performance and safety benefits.• Authored comprehensive user documentation and provided ongoing support to users.• Actively engaged with the user community to gather feedback, prioritize feature requests, and incorporate improvements.• Applied cutting-edge research in cyber security to enhance the security and performance of Narrowlink.• Implemented a userspace TCP/IP stack from scratch for the Rust programming language, integrating it with the TUN interface

• Applied eBPF for network traffic attribution of Android apps and forced forwarding proxy-agnostic apps to an intermediate proxy server.• Introduced a novel dynamic analysis technique to trace asynchronous APIs in Android.• Developed an automated privacy analysis tool using Rust and Kotlin to detect apps privacy leakages throughout Android’s background works.• Created a fully automated large-scale Android app privacy analysis pipeline using Python, incorporating dynamic analysis (API hooking, network analysis), automatic login, and app interaction support to analyze over 15k apps.• Created a deep packet inspection tool to extract PII from network traffic.• Discovered a security issue in Android’s default TLS library and analyzed over 9k top apps in the Android ecosystem to identify vulnerable apps.• Created a fully automated dynamic analysis tool to identify privacy leakages in Android background services.• Developed an automated framework to identify custom encryption on the Android platform (e.g., additional encryption on top of existing standard protocols like encryption over TLS).• Customized a version of Android AOSP to add kernel-level app tracing features.• Conducted manual NDK and SDK static code analysis of various Android applications to identify privacy exposures.• Created various Magisk modules to facilitate dynamic analysis on Android devices.• Implemented a hybrid PHP analysis tool based on AST to detect phishing kit backdoors.• Led a team of over 6 students, providing guidance and mentorship to help them achieve their research goals.

Creating tools to measure performance of the client version of LURK (Rustls based SGX-based cryptography service.)

Implemented a prototype of the LURK (Ericsson’s cryptographic service) protocol for a TLS 1.3 client by adapting Rustls and leveraging Apache Teaclave (Intel® SGX)

Creating tools to measure performance of the server version of LURK (OpenSSL based SGX-based cryptography service.)

• Established and lead internal research groups (Web application security auditing, Mobile application security auditing, reverse engineering).• Consulted and performed penetration testing of more than 380 web applications based on OWASP ASVS.• Consulted and performed penetration testing of 35 mobile applications based on OWASP ASVS/MASVS.• Performed Reverse engineering and security analysis of SIP-T22P Yealink firmware.

• Consulted and performed penetration testing of more than 60 web applications based on OWASP ASVS.• Network security assessment of Ferdowsi University of Mashhad.• Research in HTTP authentication downgrading.