Hi, my name is Haseeb. I am a Master's student at the University of Waterloo under the supervision of Professor Yousra Aafer, working in the Cryptography Security and Privacy (CrySP) Lab. My current interests include systems security and software engineering.
CrySP Lab, University of Waterloo
Warterloo, Canada
Android Researcher, University of Waterloo Sep 2023 - PresentDeveloping an LLM-powered static analysis tool to detect Android API access control vulnerabilities, reducing manual analysis by 90%. Enhancing AC prediction accuracy (38% → 79%) using LLMs and RAG with CodeT5+ embeddings. Modeling AC propagation via dependency graphs, achieving 97% accuracy in AOSP. Identified 16 insecure APIs, earning vendor acknowledgments (Vivo/Samsung) and $300+ in bug bounties.
LUMS Internet Security and Privacy Lab
Lahore, Pakistan
Cloud Systems Developer | Researcher Sept 2022 - June 2023Conducted an in-depth analysis of audit logs to detect vulnerabilities in containerized applications, focusing on Container Escape Attacks in Docker and Kubernetes. Implemented Multi-Category Security (MCS) to automate container labelling in audit logs, streamlining security measures. Automated log processing in PostgreSQL through integration of Bash and Python scripts, achieving a 30% reduction in processing time.
Techloyce
Remote, UK
Software Development Intern June 2022 - Sep 2022Developed SubscriptionFlow’s SaaS billing mobile app (YC W22), optimizing cache storage and search/filter features to cut data retrieval time by 70%, driving $100K+ in annual revenue for 20+ businesses. Integrated Logistic Regression with class weighting (scikit-learn) to handle imbalanced churn data, achieving 90% recall in high-risk customer detection. Implemented a CI/CD pipeline using Docker and GitHub Actions, streamlining build-test-deploy workflows.
University of Waterloo
Waterloo, Canada
Master of Mathematics in Computer Science Sep 2023 - Aug 2025 (Expected)Advanced Topics in Software Engineering Advanced Topics in Cryptography, Security, and Privacy Software and Systems Security Software Security via Program Analysis
I am currently pursuing my Master's of Mathematics in Computer Science at the University of Waterloo. My coursework includes advanced topics in software engineering and security, where I focus on software testing, debugging, mobile & IoT security, and program analysis for security. I'm also working on my Master's thesis, which is in progress.
Lahore University Of Management Sciences
Lahore, Pakistan
Bachelors in Computer Science Aug 2019 - May 2023Data Structures Algorithms Advanced Programming Databases Software Engineering Network Security Machine learning Aritficial Intelligence
I completed my Bachelor's in Computer Science from LUMS, where I developed a strong foundation in computer science and software engineering. I took courses in data structures, algorithms, advanced programming, databases, software engineering, network security, machine learning, and artificial intelligence.
MeasureMate is a full-featured Android app designed to track and manage gym progress. It features an intuitive UI with dark mode support, real-time data syncing, and secure login using google signin.
Kotlin Jetpack Compose Firebase Authentication Firestore Dagger Hilt Coil Material 3
A mobile application designed to connect the LUMS student community of more than 1000 students Include features such as real-time chat, instructor reviews, adding, deleting a post and search functionality
Flutter Dart Figma Firebase Android Application
A set of Frida scripts designed to explore WeChat and other Android apps by hooking manager APIs, service APIs, file read/write operations, and intent handling. These scripts provide detailed insight into internal app processes, helping with tasks like reverse engineering, debugging, and security research on Android systems.
Frida Android API Hooking Security Research WeChat
WeChat API Fuzzer is a tool for dynamically invoking and analyzing WeChat Miniapp APIs. It leverages WeChat's devtools and Chrome debugger protocol to reverse engineer and customize the debug protocol, allowing dynamic API execution and performance evaluation. The tool also automates parameter filling using static analysis and provides detailed logging of API outcomes.
WeChat API Fuzzing Chrome Debugger Reverse Engineering Static Analysis
Analyzed TV show data from streaming platforms to identify viewer trends and preferences. Performed data cleaning, preprocessing, and made predictions based on insights from the data analysis.
Python Pandas Numpy Matplotlib Data Science Data Analysis
A C++ code scanner written in Haskell that reads C++ source code and generates a sequence of tokens and lexemes. It handles keywords, identifiers, operators, numbers, and comments, producing results in a structured text format.
Haskell GHC C++
A strategic multiplayer board game where players aim to form sequences of five same-colored chips in a row, either vertically, horizontally, or diagonally. The game supports 2 to 12 players, with teams or individuals competing to complete sequences.
HTML/CSS JavaScript Node.js WebSocket Game Development
A comprehensive repository for Container Escape CVEs and their Proof of Concepts (PoCs). Each CVE folder includes PoC scripts, setup instructions, logs, and malicious subgraphs. This resource aids security researchers in understanding and mitigating container vulnerabilities.
Docker Kubernetes Metarget CDK Security Research
This project classifies spoken language samples into categories like English, Urdu, Punjabi, Saraiki, and Mixed languages using machine learning models based on MFCC features. It is divided into two phases: one for broader classification and another for a focused English-Urdu-Mixed classifier.
Python Jupyter MFCC Speech Processing Machine Learning
Placed 1st with a pathfinding algorithm based on breadth-first search that efficiently navigates obstacles and moves pods. Github