Ali Hadi

---

This page is still to be updated...

---

Journals

• HDFS File Operation Fingerprints for Forensic Investigations, (Download),
  Mariam Khader, Ali Hadi, Ghazi Al-Naymat. Elsevier, Digital Investigation Journal, Vol. 24, Pages 50-61, March 2018.
• PDF Forensic Analysis System using YARA, (Download),
  International Journal of Computer Science and Network Security (IJCSNS), Vol. 17 No. 5, May 2017
• Analyzing and Detecting Malicious Content: DOCX Files, (Download),
  International Journal of Computer Science and Information Security (IJCSIS), Vol. 14 No. 8, Aug 2016
• MLDED: Multi-Layer Data Exfiltration Detection System, (Download),
  IEEE Xplore, The Fourth International Conference on Cyber Security, Cyber Warfare, and Digital Forensic (CyberSec2015), Oct 2015
• Ultrasurf Traffic Classification: Detection and Prevention, (Download),
  International Journal of Communications, Network and System Sciences (IJCNS), Aug 2015
• Enhanced Analysis Method for Suspicious PDF Files, (Download),
  International Journal of Computer Science and Network Security (IJCSNS), Jun 2015
• A Model for Detecting Tor Encrypted Traffic using Supervised Machine Learning, (Download),
  International Journal of Computer Network and Information Security (IJCNIS), Jun 2015
• A Novel Approach Covert Channel for Secret Communications, (Download),
  International Journal of Computers and Technology, Dec 2014
• Securing public services using Tariq, (Download), Hakin9 Magazine, May 2010
• Network Security using Hybrid Port Knocking, (Download),
  International Journal of Computer Science and Network Security (IJCSNS), Aug 2010

---

Conference Papers

• Threat Hunting Using GRR Rapid Response. Hussein Rasheed, Ali Hadi, Mariam Khader. The International Conference on new Trends in Computing Sciences (ICTCS'17), Amman/Jordan, 2017.
• A New Technique for File Carving on Hadoop Ecosystem. Esraa Alshammari, Ghazi Al-Naymat, Ali Hadi. The International Conference on new Trends in Computing Sciences (ICTCS'17), Amman/Jordan, 2017.
• Visualizing Clustered Botnet Traffic using t-SNE on Aggregated NetFlows. Muayyad Alsadi and Ali Hadi. The International Conference on new Trends in Computing Sciences (ICTCS'17), Amman/Jordan, 2017.
• Phishing Websites Prediction Using Classification Techniques. Dyana Ibrahim and Ali Hadi. The International Conference on new Trends in Computing Sciences (ICTCS'17), Amman/Jordan, 2017.
• Smart Parser for Identifying and Detecting Insecure Functions. Esraa Alshammari, Ali Hadi, Malik Qasaimeh. The International Conference on new Trends in Computing Sciences (ICTCS'17), Amman/Jordan, 2017.
• Passive DNS Analysis Using Bro-IDS. Abdulla Dakhgan, Ali Hadi, Jaafer Al-Saraireh, Doaa Alrababah. The International Conference on new Trends in Computing Sciences (ICTCS'17), Amman/Jordan, 2017.
• Covert Communication Using Port Knocking. Mariam Khader, Ali Hadi, Amjad Hudaib. Cybersecurity & Cyberforensics Conference 2016, Amman/Jordan.
• Windows Forensic Investigations using PowerForensics Tool. Akram Barakat, Ali Hadi. Cybersecurity & Cyberforensics Conference 2016, Amman/Jordan.
• Reviewing and Evaluating Existing File Carving Techniques for JPEG Files. Esra’a Alshammary, Ali Hadi. Cybersecurity & Cyberforensics Conference 2016, Amman/Jordan.
• A Preliminary Analysis of Drive-by Email Attacks in Educational Institutes. Ja'far Alqatawna, Ali Hadi, Malek Al-Zwairi, Mariam Khader. Cybersecurity & Cyberforensics Conference 2016, Amman/Jordan.

---

Books & Chapters

• Using iPython for Teaching Web Scraping Chapter in the Social Media Shaping e-Publishing and Academia Book. Ali Hadi, Malek Al-Zewairi. Publisher: Springer, March 2017
• A Hybrid Port-Knocking Technique for Host Authentication Chapter in the IT Policy and Ethics: Concepts, Methodologies, Tools, and Applications Book. Ali Hadi. Publisher: IGI-Global, February 2013
• Network Security Chapter in the Simulation in Computer Network Design and Modeling: Use and Analysis Book. Ali Hadi. Publisher: IGI-Global, February 2012

---

Courses and Certification

• OSRE, Offensive Security & Reverse Engineering, 2021
• MAP, Malware Analysis Professional (MAP) Course and Certificate, 2020
• DFP, Digital Forensics Professional (DFP) Course and Certificate, 2018
• HTID, Hacking Techniques and Intrusion Detection, 2012

---

Conference Talks, Events and Presentations

• From Theory to Practice: Enhancing DFIR Skills Through Threat Simulation Scenarios. Ali Hadi and Mariam Khader. Techno Security & Digital Forensics Conference (Techno), USA, 2024.
• Malware Mysteries Uncovered: A Friendly Workshop for Beginners. Ali Hadi and Mariam Khader. National Cyber Crime Conference (NCCC), USA, 2024.
• Investigating a Compromised Linux Web Server. Ali Hadi and Mariam Khader. National Cyber Crime Conference (NCCC), USA, 2024.
• Malware Analysis (Part 1) - Ransomware Simulation. Ali Hadi and Mariam Khader. National Cyber Crime Conference (NCCC), USA, 2024.
• Malware Analysis (Part 2) - Investigating Ransomware Compromised Systems. Ali Hadi and Mariam Khader. National Cyber Crime Conference (NCCC), USA, 2024.
• Expanding Your Arsenal with Malware Analysis. Ali Hadi and Mariam Khader. National White Collar Crime Center (NW3C), USA, 2024.
• Linux Forensics. Ali Hadi and Mariam Khader. High Technology Crime Investigation Association (HTCIA), USA, 2023.
• Ransomware Simulations. Ali Hadi and Mariam Khader. Techno Security & Digital Forensics Conference (Techno), USA, 2023.
• USB Kill Switch. Ali Hadi. Magnet Virtual Summit (MVS), USA, 2021.
• Linux Forensics for IoT: Hello World. Ali Hadi, Austin Grupposo, and Joseph Mccormack. Open Source Digital Forensics Conference (OSDFCon), USA, 2020.
• Performing Linux Forensic Analys and Why you Should Care. Ali Hadi. National White Collar Crime Center (NW3C), USA, 2020.
• Long Live Linux Forensics. Ali Hadi, Brendan Brown, Victor Griswold. (SANS DFIR SUMMIT), USA, 2020.
• Performing Linux Forensic Analys and Why you Should Care. Ali Hadi, Brendan Brown, Victor Griswold. Magnet Virtual Summit (MVS), USA, 2020.
• Performing Linux Forensic Analys and Why you Should Care. Ali Hadi, Brendan Brown, Mariam Khader. Open Source Digital Forensics Conference (OSDFCon), VA, USA, 2019.
• Under Your Radar (UYR). Ali Hadi, Mariam Khader. SLIDES. Black Hat Asia 2015 Arsenal, Singapore, 2015
• Using Zeek for Network Investigations. Ali Hadi. 2019 Northeast Collegiate Cyber Defense Competition (NECCDC), Champlain College, Burlington, VT, USA, Mar 2019
• Threat Hunting: Hunt or be Hunted. Ali Hadi. Security Session, Engineering College Day, Philadelphia University, Amman/Jordan, Apr 2017
• Hunt or be Hunted: Enhancing Your Enterprise doing VA and PenTesting. Ali Hadi. Security Session, Jordan's Engineering Association Electrical Engineering Days 2016, Amman/Jordan, Feb 2016
• Anti-Forensics: Leveraging OS and File System Artifacts. Ali Hadi. Digital Forensics Session, Amman/Jordan, Feb 2016
• Digital Forensics: What, Why, How?. Ali Hadi. Software Quality 2015, Amman/Jordan, October 2015
• Hunt or be Hunted. Ali Hadi. Information Security and Electronic Transactions, Amman/Jordan, Mar 2015
• Data Hiding Techniques. Ali Hadi. Cyber Crime Forum: Challenges and Solutions, Amman/Jordan, 2014

---

Workshop(s)

• Threat Simulations - a Hands-On Investigation. Ali Hadi and Mariam Khader. High Technology Crime Investigation Association (HTCIA), USA, 2024.
• Investigating Linux Systems. Ali Hadi and Mariam Khader. High Technology Crime Investigation Association (HTCIA), USA, 2024.
• Threat Simulations – A Hands-on Investigation. Ali Hadi and Mariam Khader. Digital Forensic Research Workshop (DFRWS), USA, 2024.
• Internal Investigation. Ali Hadi and Mariam Khader. Digital Forensic Research Workshop (DFRWS), USA, 2024.
• Windows Forensics Workshop. Ali Hadi. (BSides Amman), Jordan & USA, 2021.
• Linux Forensics Workshop. Ali Hadi, Brendan Brown, and Victor Griswold. Digital Forensic Research Workshop (DFRWS), USA, 2020.
• Windows Forensics Workshop. Ali Hadi. IT-Research & Development Center (ITRDC), University of Kufa, Iraq & USA, 2020.
• Linux Forensics Workshop. Ali Hadi. Saudi Federation for Cybersecurity, Programming, and Drones (SAFCSP), KSA & USA, 2020.
• Linux Forensics Workshop. Ali Hadi, Brendan Brown, and Victor Griswold. Open Source Digital Forensics Conference (OSDFCon), VA, USA, 2019.
• Digital Forensics and Incident Response (DFIR) Workshop - "first step against cybercrime". Ali Hadi. The International Conference on New Trends in Computing Sciences 2017, Princess Sumaya University for Technology. Amman/Jordan, 11-13 Oct-2017.
• Digital Forensics and Incident Response Burnout Workshop. Ali Hadi and Malek Al-Zewairi. Cybersecurity & Cyberforensics Conference 2016, Amman/Jordan, 3-Aug-2016.

---

Project(s)

• TARIK C5W Adversary Simulation Framework. Contributors: Shady Shaheen and Ali Hadi. 2022 - present.
• CuckooVM, Cuckoo Sandbox running in a Nested Hypervisor. 2019
• Linux Forensics, All about Linux Forensics.
• HDFS, HDFS Forensics Research. 2016 - present. Contributors: Ali Hadi.
• Koala Scanner, Koala scanner is mainly an online system for analyzing and scanning PDF files for suspicious indicators. The system could also be used to extract various PDF objects (ex: Images, JavaScript, URLs, etc), and detect phishing attempts too. 2017. Contributors: Ali Hadi and Sobhi Al-Hassan.
• UYR, Under Your Radar (UYR): Exfiltration using Steganography. 2015. Contributors: Mariam Khader and Ali Hadi.
• Tariq, Hybrid Port Knocking System. Contributors: Ali Hadi.

---

Articles & White Papers (English) - Before 2012

• Know Your Tracks using Nmap, Hakin9 Magazine, pp10-21, August 2012
• The Bug Story, Hakin9 Magazine, September 2011
• Security by Hiding!, Hakin9 Magazine, August 2011
• Mummies Still Walk Among Us!, Hakin9 Magazine, July 2011
• A Hole in your Access Control, Hakin9 Magazine, June 2011

Articles & White Papers (Arabic) - Before 2011

• CVE-2011-2462 Adobe Acrobat and Adobe Reader X Vulnerability, Security4Arabs, December 2011
• Android Network Toolkit for Penetration Testing and Hacking, Security4Arabs, August 2011
• Intrusion Detection for Your Network in Minutes, Security4Arabs, January 2011
• No Minor Changes in the v2 of the PCI-DSS Standards, Security4Arabs, August 2010
• BlindElephant the New Web Application Fingerprinter, Security4Arabs, August 2010
• KeePass Your Password Safe, Security4Arabs, August 2010
• Wireshark Usage Fundamentals, Security4Arabs, June 2010
• DNS Enumeration using Metasploit, Security4Arabs, April 2010
• Using Attack Toolkit for Simple Penetration Testing, Security4Arabs, April 2010
• Is Your Browser Configuration Rare or Unique, Security4Arabs, April 2010
• Apache.org Hacked Again, Security4Arabs, April 2010
• Cyber Criminal Advertising 1.5 Million Stolen Facebook Accounts for Sale, Security4Arabs, April 2010
• Netsparker Web Application Security Scanner, Security4Arabs, April 2010
• CTF from Offensive Security Hacking Tournament, Security4Arabs, April 2010
• Howto use NeXpose from Metasploit to Perform an Attack, Security4Arabs, March 2010
• Howto Solve msfpayload Null Byte Problem in Shellcode, Security4Arabs, March 2010
• Howto Disable SSLv2 in IIS, Security4Arabs, March 2010
• Deny Login to Single User Mode without Proper Authentication, Security4Arabs, March 2010
• Adding a Password to Grub, Security4Arabs, March 2010
• Dradis Effective Information Sharing, Security4Arabs, March 2010
• Sending Payload using Unicorn Scanner, Security4Arabs, March 2010
• Disabling Telnet Port on the Modem, Security4Arabs, March 2010
• Nmap-5.20 Released with More than 150 Significant Improvements, Security4Arabs, February 2010
• NeXpose Community Edition: a Vulnerability Scanning and Penetration Testing Tool, Security4Arabs, February 2010
• Nikto-2.1.1 Released, Security4Arabs, February 2010

---