M. Shahmeer Amir

M. Shahmeer Amir

Dubai, United Arab Emirates
21K followers 500+ connections

Join to follow
Speeqr

  • Contact M. Shahmeer for services

    Cybersecurity, Information Security, IT Consulting, Information Management, IT Law, Strategic Planning, and Training

About

Shahmeer Amir stands as a globally recognized Entrepreneur and Ethical Hacker, awarded Entrepreneur of the year 2024 and also ranking as the third most accomplished bug hunter globally. His expertise has been instrumental in assisting over 400 Fortune companies, such as Facebook, Microsoft, Yahoo, and Twitter, in resolving critical security issues within their systems. Shahmeer's entrepreneurial ventures in the technology realm have led to the establishment of multiple startups, with his current role involving the leadership of Speeqr, and minor involvement in Veiliux and Authiun

In his capacity as the CEO of Speeqr, Shahmeer's flagship company is actively engaged in developing next-generation audio-video communication technologies. Additionally, he serves as the CEO of Veiliux, positioned as Asia's inaugural mainstream Cyber Security startup with a presence in the Asia Pacific, UAE, and the UK. Authiun, another startup under Shahmeer's leadership, offers a comprehensive password-less authentication solution tailored for the 21st century.

Furthermore, Shahmeer serves as the Cyber Security Advisor to the Ministry of Finance in the Government of Pakistan. His involvement spans various projects, including Deep Sea Tracking, Digital Transformation of Legislation, and the Digitization of Pakistani Cultural Content. As a testament to his influence in the tech industry, he holds a position on the Forbes Technology Council.

An engineer and certified Cyber Security professional with credentials from esteemed organizations like EC-Council, Mile2, SANS, among others, Shahmeer is currently exploring Blockchain technology for his doctorate. With three authored books, including "Bug Bounty Hunting Essentials," and numerous research papers, he has solidified his standing as a thought leader in the field.

Shahmeer's prominence extends to the speaking circuit, where he is a highly sought-after keynote speaker on topics such as Cyber Security, Blockchain, and various technologies. Having received invitations to over 80 conferences globally, including prestigious events like Blackhat, GiSec, FIC, AEC Alberta, and many other Global events, he continues to be a beacon of knowledge. Accepted into entrepreneurship programs at esteemed academic institutions, including Stanford, Shahmeer's prowess is further demonstrated by his proficiency in coding in 25 languages and reading code in 35, establishing him as an expert across multiple technologies in his role as CTO of companies.

Articles by M. Shahmeer

Contributions

Join now to see all contributions

Activity

Join now to see all activity

Experience

  • Speeqr Graphic

    Speeqr

    Lahore, Punjab, Pakistan

  • Company ghost image

    • -

      Lahore, Punjab, Pakistan

    • -

      Lahore

  • -

    New Mexico, United States

  • -

    United States

  • -

    Toronto, Ontario, Canada

  • -

    United Arab Emirates

  • -

    Islāmābād, Pakistan

  • -

  • -

    Lahore, Punjab, Pakistan

  • -

    Kiev Region, Ukraine

  • -

    New Zealand

  • -

    United States

  • -

    Albuquerque, New Mexico, United States

  • -

    Peshawar, Khyber Pakhtunkhwa, Pakistan

Education

  • Graphic

    -

    -

  • A+

    -

    Activities and Societies: General Secretary of I.C.E (Innovative and Creative Engineering Society) Member of the Debate Club Member of Book Club

    At UIT, I got by Bachelor in Electrical Engineering and at the same time i polished my skills in Information Security by doing multiple certifications related to the field.

  • A+ Distinction

    -

    Activities and Societies: Maths Club

    As a doctoral candidate for one of the pioneer programs in Blockchain security all over the world, it present a prestigious learning opportunity to learn the technically challenging issues that pertain to the security of Blockchain. This includes Confidentiality, Availability and Integrity issues related to Blockchain and it's overall security posture

  • -

    -

    Activities and Societies: Debate Society

    In Gulshan College, I studied Preliminary aspects of Electrical and Mechanical Engineering that is my core field. I studied basic laws of Physics and Chemical Physics which built a strong foundation of my concepts

  • -

    -

    Activities and Societies: President of the Debate Club Vice President of the Chess club Member of the Computer code club

    1. Pre Matriculation
    2. Matriculation
    3. Post Matriculation

Volunteer Experience

  • Cyber Security Advisor

    Cyber Security Advisor

    Ministry of Finance, Government of Pakistan

    Science and Technology

    Appointed by H.E. Shaukat Tareen Minister of Finance as Cyber Security Advisor for Government of Pakistan

  • Cyber Security

    Cyber Security

    Punjab Information Technology Board

    - 2 years 5 months

    Education

    PITB's project PlanX Power women which comes under the Women development department of Punjab has sought my expertise in Cyber Security to create awareness amongst women regarding cyber crime and Cyber Security. I currently am involved with WDD to carry out trainings on the subject matter of Cyber crime awareness

  • EC Council Item Writer

    EC Council Item Writer

    EC-Council

    - 1 year 7 months

    Education

    Appointed as EC Council Exam Writer Worldwide

  • Chapter Leader Pakistan

    Chapter Leader Pakistan

    OWASP Foundation

    - 4 years 9 months

    Science and Technology

    Became an OWASP Chapter leader to work for spreading Open Web Application security Know-how in the region of Pakistan

  • Judge

    Judge

    IEEE

    - 6 months

    Science and Technology

    Served as a Judge for IEEE Global for Asia Pacific Division

  • Advisor

    Advisor

    Khyber Pakhtunkhwa Information Technology Board (KPITB)

    - 1 year 1 month

    Science and Technology

Licenses & Certifications

Publications

  • A Deep Dive into Bypassing Next-Gen 2FA and MFA Security Measures

    The Seventeenth International Conference on Emerging Security Information, Systems and Technologies SECURWARE 2023

    As businesses and organizations continue to adopt more advanced security measures to protect against cyber attacks, attackers are constantly evolving their techniques to bypass these measures. In this presentation, we will explore the latest techniques for bypassing next-generation 2FA and MFA security measures, allowing attackers to gain access to sensitive information and systems.

    See publication

  • Bug Bounty for Dummies

    Guftugu

    This is a form of ethical hacking and bug bounty hunters look for these holes and are rewarded large amounts of money by the companies that they hack into. The Ethical Hacker's story is an amazing one and is an inspiration for all those wanting to make it in the world.

    See publication

  • Bug Bounty Hunting Essentials

    Packt Publishing

    Bug bounty programs are the deals offered by prominent companies where-in any white-hat hacker can find bugs in the applications and they will have a recognition for the same. The number of prominent organizations having this program has increased gradually leading to a lot of opportunity for Ethical Hackers.

    This book will initially start with introducing you to the concept of Bug Bounty hunting. Then we will dig deeper into concepts of vulnerabilities and analysis such as HTML…

    Bug bounty programs are the deals offered by prominent companies where-in any white-hat hacker can find bugs in the applications and they will have a recognition for the same. The number of prominent organizations having this program has increased gradually leading to a lot of opportunity for Ethical Hackers.

    This book will initially start with introducing you to the concept of Bug Bounty hunting. Then we will dig deeper into concepts of vulnerabilities and analysis such as HTML injection, CRLF injection and so on. Towards the end of the book, we will get hands-on experience working with different tools used for bug hunting and various blogs and communities to be followed.

    This book will get you started with bug bounty hunting and its fundamentals.

    See publication

  • Bypassing two factor authentication

    Shahmeer Amir

    Since the dawn of the World Wide Web, attackers have been involved in discovering techniques to compromise systems. Likewise security experts have devised methods to prevent attackers from breaching into systems. Such a system is two factor authentication. Two factor authentication is a method of utilizing a handheld device as an authenticator for online portals. While most organizations consider it a secure means of authenticating their users into their portals, there are methods using which…

    Since the dawn of the World Wide Web, attackers have been involved in discovering techniques to compromise systems. Likewise security experts have devised methods to prevent attackers from breaching into systems. Such a system is two factor authentication. Two factor authentication is a method of utilizing a handheld device as an authenticator for online portals. While most organizations consider it a secure means of authenticating their users into their portals, there are methods using which two factor authentication can be bypassed. The techniques for bypassing 2fa are based on abusing the design and implementation which are often not looked at by web application administrators providing a leverage for attackers to compromise user data.

    See publication

  • Beginner's guide to IoT Security

    Cloud Security Alliance - Utterkhand

    This research paper summarizes the concept of Security flaws in IoT, covering most of the renowned devices that are available in the market. The paper covers basic architecture of IoT and aims to provide security researchers a base to continuing their research

  • Breaking the web with Logics

    Getwhitehats

    This research paper focuses on the Modern Business Logic flaws present in web applications that pose threat to the application. This paper covers several steps to explain the hierarchy of business logic testing methodology emphasizing on each phase separately by means of an example. It also contains several business logic flaws in that are present in today’s web applications and also an approach on developers should remediate those flaws from the web applications. The main goal of this paper is…

    This research paper focuses on the Modern Business Logic flaws present in web applications that pose threat to the application. This paper covers several steps to explain the hierarchy of business logic testing methodology emphasizing on each phase separately by means of an example. It also contains several business logic flaws in that are present in today’s web applications and also an approach on developers should remediate those flaws from the web applications. The main goal of this paper is to help web application security researcher and developers differentiate between web application conventional vulnerabilities and the ones that are related to logical aspect. The purpose of writing this paper is to convince the reader that at a certain point of time in the future automated scanners will be advanced at the level that conventional vulnerabilities will not require human intervention and only Business logic vulnerabilities will be present to leverage conventional ones.

    See publication

  • Modern Wireless Attacks

    Hackerify

    This paper explains brief overview about the Modern Attacks related to Wireless Technology that can pose a potential threat to the devices that communicate with this technology. In a brief format this paper covers several scenarios that theoretically explain the security issues of the wireless infrastructure. As noted upon all the drafted technologies there was no concept of security whatsoever until someone tries to exploits certain loopholes and succeeds or in other words does some damage. As…

    This paper explains brief overview about the Modern Attacks related to Wireless Technology that can pose a potential threat to the devices that communicate with this technology. In a brief format this paper covers several scenarios that theoretically explain the security issues of the wireless infrastructure. As noted upon all the drafted technologies there was no concept of security whatsoever until someone tries to exploits certain loopholes and succeeds or in other words does some damage. As wireless enabled devices such as laptops, cellular phones, and tablets become increasingly pervasive, the demand for reliable and secure mobile computing services escalates. Over the years everything as we know it is being transformed into wireless. But so are the risks that are coming with it. Wireless technology that submissively controls our planes, phones, and computers is prone to security flaws. The research paper covers overall studies that relate to common wireless device flaws in very simple explanation.This paper visualizes theoretical studies on how devices as cast as airplanes and as small as cellphones are vulnerable to wireless attacks.

    See publication

  • SCADA Hacking and Awareness

    Usman Institute of Technology

    SCADA Hacking and Awareness was a research idea presented at Usman Institute of Technology that converged the focus of emerging vulnerabilities in SCADA systems that are industrialized worldwide.
    The presentation outlines the aspects of vulnerabilities in drones, UAVs and other such ICS

    See publication

Patents

  • METHOD AND SYSTEM FOR TELECONFERENCING USING COORDINATED MOBILE DEVICES

    Filed 63/202,796

Courses

  • Certified Cyber Security Professional

    -

  • The Art of Bounty Hunting

    -

Projects

  • VHF Based Vessel Monitoring & Tracking System

  • GSM based Loadshedding and Substation monitoring system

    -

    A GSM and Micro-controller based Sub station monitoring system capable of remotely managing load shedding and power cuts in urban areas. Saving overall mobilization costs of K-Electric and LESCO

  • Mechanical Hover Bike

    A Mechanical Contraption equipped with propellers and thrusters capable to levitating up-to 5 feet off the ground

Honors & Awards

  • Entrepreneur of the Year

    GiSec Global and UAE Government

    Awarded Entrepreneur of the year 2024 at GiSec Global by H.E Dr. Mohammed Alkuwaiti (Head of Cyber Security UAE) and Diane Janosek (Director NSA Ex-Director Pentagon) and UAE Cyber Security Council

  • 40 Under 40 in Cyber Security

    Top Cyber News Magazine

    Awarded the Top most accomplished 40 Cyber Security Professionals Under 40 by Top Cyber News Magazine

  • Tech Hero Award in Top 100 Tech Heroes

    Ministry of Interior Pakistan

    Awarded Top 100 Tech Hero title by Ministry of Interior Pakistan at Connected Pakistan Conference

  • AVAR 2023

    AVAR Asia

    Keynote Speech at AVAR 2023

  • Blackhat MEA 2023 Keynote Speaker

    Blackhat

    Invited to give two keynote speeches and one panel discussion at Blackhat MEA this year

  • Keynote Speaker at Hacktivity Budapest

    Hacktivity

    Invited to Speak at the 20th Golden Jublee of Hacktivity Budapest

  • Panelist and Speaker at One Conference NL

    One Conference

    Invited by Government of Netherlands to speak at Premier Cyber Security Conference in Holland called One Conference

  • Speaker at FIC InCyber Forum North America

    InCyber Forum

    Speaker at InCyber Forum North America

  • Keynote Speaker OWASP AppSec Global Singapore

    OWASP

    Spoken at OWASP AppSec Global Singapore

  • Keynote Speaker at Arab Security Conference

    Arab Security Conference

    Invited as Keynote Speaker

  • Keynote Speaker at National Cyber Summit (NCS)

    National Cyber Summit

    Invited to present my session at the National Cyber Summit (Huntsville, Alabama)

  • Keynote Speaker at ThreatCon

    ThreatNix

    Invited as a Keynote Speaker at ThreatCon Nepal

  • Speaker at The Seventeenth International Conference on Emerging Security Information, Systems and Technologies SECURWARE 2023

    IARIA

    Keynote Speaker at IARIA

  • Speaker at BSides

    BSides

    Invited to Speak at BSides Frankfurt and BSides Cyprus

  • Speaker at DEFCON 31

    DEFCON

    Speaker at DEFCON 31 2023

  • Keynote Speaker OWASP NZ Day

    OWASP

    Keynote Speaker at OWASP NZ Day

  • Keynote Speaker at Nordic IT Security Summit

    Nordic IT Security Summit

    A premier conference in the Nordics about Cyber Security

  • Keynote speaker and Panelist at FIC 2023

    FIC

    Delivered two Keynotes and One Interview / Panel discussion at FIC 2023

  • Speaker and Demonstrator at GiSec

    GiSec

    Honor to represent Pakistan at GiSec Global UAE on two keynote sessions
    1. Dark Stage:
    Topic: Live Hack: Bypassing Next Generation 2FA & MFA Implementations

    2. Critical Infrastructure Stage
    Topic: Live Hack: Hacking into a SCADA system simulation

  • Keynote Speaker Blackhat MEA

    Blackhat

    It gives me great pleasure to announce that I will be delivering two Keynote sessions at one of the most anticipated Cyber Security/Hacking Conferences in the region #BlackatMEA November 15-17 representing Pakistan and my organizations. I will be speaking on "Bypassing next generation 2FA implementations" and "Securing your infrastructure using Bug Bounty programs".

  • Keynote Speaker at Hackfest Canada

    Hackfest Canada

    One of the only Pakistanis to speak at Hackfest Canada as a Keynote Speaker

  • Cyber security Advisor to Government of Pakistan - Ministry of Finance

    Ministry of Finance

  • Heroes of Pakistan (Hamaray Heroes) Award

    Pakistan Cricket Board

    Awarded by Pakistan Cricket Board and Government of Pakistan for my work in Cyber security and representation of Pakistan around the Globe

  • Top Achiever's Award

    EC Council University

    EC-Council University’s Top Achiever's Award 2018. The student selected should demonstrate a passion for cyber security studies and shows a positive attitude toward program peers and instructors. You have met and surpassed these criteria and you have clearly demonstrated the outstanding qualities we look for in our student recipients of this award.

  • ISACA Honorary Speaker Award

    ISACA

    As the first chosen speaker from Pakistan to speak at ISACA Annual Chapter Meeting in Dubai

  • High Achiever and Distinguished Alumni Award

    Usman Institute of Technology

    Recieving High Achiever Award from Chancellor of Usman Institute of Technology

  • Skilled Security Researcher Award

    Deputy Mayor Karachi

    Received Skilled Security Researcher Award from Deputy Mayor Karachi

  • Kickstarter Hall of fame 2017

    Kickstarter

    Rewarded and Acknowledged by Kickstarter for reporting critical flaw

  • Ted Speaker

    Ted

    Became a TED speaker after giving the first ever Ted talk

  • Microsoft Hall of fame 2017

    Microsoft

    Awarded and Acknowledged by Microsoft for reporting security flaws in their systems

  • Airbnb Hall of fame 2016

    Airbnb

    Acknowledged by Airbnb for Disclosing a Single DOS vulnerability in their system

  • 3rd Ranked Bug bounty hunter on the globe

    Dark Reading

    Made my way to the third most accomplished bug hunter around the globe and represented Pakistan

  • Twitter Hall of fame and Reward April 2016

    Twitter

    Acknowledged and Rewarded by Twitter on April 2016

  • Google Hall of fame 2016

    Google

    Acknowledged by Google for reporting vulnerability in Stackdriver acquisition

  • Bitdefender rewards 2016

    Bitdefender

    Rewarded by Bitdefender for reporting a single point buffer overflow vulnerability in their system

  • Snapchat Hall of fame and rewards 2016

    Snapchat

    Rewarded and acknowledged by Snapchat for reporting Hostile subdomain takeover vulnerability

  • Oracle CPU January 2016

    Oracle

    Acknowledged by Oracle for reporting security flaws in Oracle University, Oracle Techonology Network
    http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

  • S.A.P Hall of fame January 2016

    SAP

    Acknowledged by SAP Network for reporting 3 Stored XSS vulnerabilities in Cloud

    http://scn.sap.com/docs/DOC-8218

  • 8th ranked Hacker worldwide by Hackerone 2015

    Hackerone

    Ranked at 8th position on the Worldwide Hacker's list by Hackerone in 2015
    https://hackerone.com/thanks/2015

  • Apache Acknowledgement CVE 2015-5349

    Apache

    Acknowledged by Apache for reporting Command Injection Flaw in Apache Directory Studio
    https://packetstormsecurity.com/files/135116/Apache-LDAP-Directory-Studio-Command-Injection.html

  • Apache Acknowledgment 2015 CVE-2015-5349

    Apache

    Acknowledged by Apache for Reporting Command Injection Vulnerability in Apache Directory Studio
    Listed in University of Kentucky Journal and Institute for Advanced Network Security

    https://www4.uky.edu/ukat/aggregator/sources/7?page=1
    https://security.ias.edu/aggregator/sources/2

  • Apple Hall of fame 2015

    Apple

    Acknowledged by Apple for identifying a critical flaw in their systems

  • Blackberry Hall of fame December 2015

    Blackberry

    Acknowledged by Blackberry as Top researcher of 2015 for reporting 2 Hostile Subdomain takeovers, 3 Broken Session Managements, 4 Command Injections

    http://ca.blackberry.com/enterprise/products/incident-response-team.htm

  • Google Hall of fame and Rewards

    Google

    Acknowledged and Rewarded by Google for reporting Auth bypass vulnerability in Google Ventures

  • Shopify Hall of fame and Rewards October 2015

    Shopify

    Rewarded and Acknowledged by Shopify for 3 Privilege Escalation security flaws
    https://hackerone.com/shopify/thanks

  • Facebook Hall of fame and Reward September 2015

    Facebook

    Acknowledged and Rewarded by Facebook for reporting critical flaws in Parse

  • Facebook Hall of fame and Reward August 2014

    Facebook

    Acknowledged and Rewarded by Facebook for reporting a critical Session Management flaw affecting all sub domains

  • Zimperium Hall of fame 2015

    Zimperium

    Acknowledged by Zimperium for reporting Security Vulnerabilities in Zanti Android app
    https://www.zimperium.com/thanks

  • Microsoft Honor Roll Quarter 3 - 2015

    Microsoft

    Rewarded and Acknowledged by Microsoft for reporting vulnerabilities in Azure Infrastructure
    https://technet.microsoft.com/en-us/security/dn469163.aspx

  • Microsoft Hall of Fame June 2015

    Microsoft

    Listed in Microsoft Hall of fame for reporting vulnerabilities in Xbox

  • Microsoft Honor Roll Quarter 2 - 2015

    Microsoft

    Listed and Acknowledged by Microsoft in MS Honor Roll 2015 among the top researchers
    https://technet.microsoft.com/en-us/security/dn469163.aspx

  • Snapchat Hall of fame 2015

    Snapchat

    Rewarded acknowledged by Snapchat for reporting 2 vulnerabilities

  • CrowdCurity Hall of fame and Reward

    CrowdCurity

    Rewarded and Acknowleged by Crowdcurity for reporting Session Management flaws
    https://www.crowdcurity.com/crowdcurity/hall-of-fame/all

  • Dropbox Hall of fame and Rewards 2015

    Dropbox

    Acknowledged and Rewarded by Dropbox for reporting vulnerabilities in their products

  • Oracle CPU credit 2014

    Oracle

    Acknowledged by Oracle for reporting vulnerabilities in Java magazine
    http://www.oracle.com/technetwork/topics/security/alerts-086861.html

  • Facebook Hall of fame - Whitehats Page 2014 and 2015

    Facebook

    Acknowledged and Rewarded by Facebook for reporting multiple vulnerabilities
    https://www.facebook.com/whitehat

  • Google Hall of fame and Rewards

    Google

    Acknowledged and Rewarded by Google For reporting Vulnerabilities in their Acqusitions
    http://www.google.com/about/appsecurity/hall-of-fame/archive/

  • Microsoft Hall of fame and Rewards - Microsoft Thanks page 2013, 2014, 2015, 2016

    Microsoft

    Rewarded and Separately Recognized by Microsoft for reporting multiple vulnerabilities in their web applications as well as their Desktop Application Skype

    https://technet.microsoft.com/en-us/security/cc308589.aspx

  • Mozilla Hall of fame and rewards 2015

    Mozilla

    Rewarded and Acknowledged by Mozilla for Reporting critical issue in their Web applications

    https://www.mozilla.org/en-US/security/bug-bounty/hall-of-fame/

  • AT&T Hall of fame 2014

    AT&T

    Acknowledged by AT&T for reporting vulnerability in their web applications
    https://bugbounty.att.com/hof.php

  • Twitter Hall of fame - Year 2014 & 2015

    Twitter

    Rewarded and Acknowledged by Twitter for reporting multiple vulnerabilities in their Web applications
    https://hackerone.com/twitter/thanks/2014

  • Heroku Hall of fame and Rewards

    Heroku

    Rewarded and acknowledged by Heroku for reporting critical session based vulnerabilities in their infrastructure

  • Hackerone Hall of fame 2014

    Hackerone

    Rewarded by Hackerone for reporting a critical Management flaw in their system
    https://www.hackerone.com/security/thanks

  • Yahoo Wall of fame - Bug bounty hunter reward 2014

    Yahoo

    Rewarded by Yahoo for reporting multiple vulnerabilities in their sub domains
    https://hackerone.com/yahoo/thanks/2014

  • LinkedIN rewards 2014

    LinkedIN

    Rewarded SWAG by LinkedIN for disclosing critical vulnerabilities

  • Coinbase Hall of fame and Rewards

    Coinbase

    Rewarded and Acknowledged by Coinbase for reporting vulnerability in their BTC Wallet System

  • Keynote Speaker National Cyber Summit

    National Cyber Summit

    Invited to present my talk on Bypassing 2FA and MFA security measures at the National Cyber Summit

  • Prezi Hall of fame and Rewards

    Prezi

    Rewarded a considerable bounty by Prezi and recognized in their Hall of fame 2014

    bugbounty.prezi.com/timeline/

Languages

  • English

    -

  • Punjabi

    -

  • Arabic

    -

  • Siraiki

    -

  • German

    -

  • Sindhi

    -

Organizations

  • OWASP

    Chapter Leader Pakistan

    - Present

    OWASP is a leading non profit organization focuses on strengthening Web application security worldwide, recently i was awarded as the Chapter Leader of the Pakistani region to spread awareness regarding Web Application Security and collectively Cyber Security

  • Charity Hackers Organization

    CEO

    - Present

  • Maads Security

    -

    -

More activity by M. Shahmeer

View M. Shahmeer’s full profile

  • See who you know in common
  • Get introduced
  • Contact M. Shahmeer directly
Join to view full profile

People also viewed

Explore collaborative articles

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Explore More

Add new skills with these courses

See all courses