Khalifa AlShamsi

Offensivebits and Malcrove LLC


Khalifa (@kha1ifuzz) started his Penetration Testing career in 2014. He is a founder of a Offensivebits and Malcrove, companies specializing in Managed Cyber Defense and Offensive Security services. He led more than 60 projects in Penetration Testing and Red Teaming. He has worked as Strategic Technical Advisor to many organizations in UAE and worked on multiple projects such as developing Penetration Testing tools and discovering vulnerabilities.

Khalifa has also participated as an assistant trainer at the BlackHat course “Attacking and Securing APIs” and is regularly invited to deliver talks and workshops.

What students say about this training:

Abusing Active Directory (On-Prem & Azure) Course

“Lab setup with prepared toolset was a time saver and it allowed for focus on theory discussion. Unlike other sessions where 50% of course was story telling, the session presented by Mr Naja and Mr AlShamsi was 95% technical content and all valuable and current”

“Fantastic, informative course! Even knowing a bit about AD compromise before, I received a new perspective to strengthen my skillset.”

“Well presented. Fun. Good explanation of kerberos. Very good at explaining complex topics.”

“You explains the things really well and in simple english. I know what DACL ,SACL were. But I know how frustrating they where when I learned about them last year. You explained it really well that a beginner can understand.”

Abusing & Securing Azure Services

“The course was super fun and useful. I learned a lot, had a ton of fun, and became a better pen tester as a result. Teachers were great, classmates were great, and labs were awesome”

“It was really a great class. You explained it really well unlike other courses in which the instructors just put so many things at the same time. + it was really fun in your class.  Awesome work.”

“As usual, Tarek is the man. This course is very well thought out and he explains every topic thoroughly. Very well put together, great pace, highly interesting – plus you get labs to see exploits done in real time. Highly recommended!”