Applied Informatics · Thomas More

Hi, I'm Jorg Maas

Applied Informatics student at Thomas More, passionate about IT infrastructure, cybersecurity, and building systems that scale. I turn complex problems into clean, reliable solutions.

8+ Projects · 3rd Year Student · 2026 Expected Grad. · 1 Found CVE

Who I Am

A curious mind driven by technology, creativity, and a love for building things.

I am a third-year Applied Informatics student at Thomas More in Geel. My passion for technology and problem-solving has driven me to explore various aspects of IT, including infrastructure engineering, cybersecurity, networking, and software development. I enjoy tackling challenges and continuously improving my skills to stay ahead in the ever-evolving tech industry.

Outside of my studies, I have a variety of hobbies that help me maintain a balanced and creative lifestyle. I enjoy photography, capturing unique moments and landscapes. I also have a strong interest in strategy games and board games, which help me develop critical thinking and teamwork skills.

These hobbies, combined with my passion for IT, make me a well-rounded individual who is dedicated to achieving academic and professional success while also valuing creativity, teamwork, and personal growth.

Education

Applied Informatics, Thomas More Geel
2023 to 2026 (expected)

Focus Areas

Pentesting · Cybersecurity · Infrastructure · Kubernetes · Networking

Hobbies

Photography · Strategy & board games · Homelab tinkering · Building things

Internship

Detecting Active Directory Attacks with Microsoft Sentinel

Resilix · Cyber Security Internship · 2026

Summary

For my internship at Resilix I built an end-to-end detection engineering project around Active Directory. I deployed a deliberately vulnerable AD lab (GOAD, Game of Active Directory) and a Microsoft Sentinel SIEM, then worked through a full attack chain that goes from reconnaissance and enumeration all the way to domain compromise, so that every offensive technique could be paired with a reliable detection.

On the offensive side I executed and documented techniques such as Kerberoasting and AS-REP roasting, password spraying, NTLM relay and coercion (PetitPotam), LLMNR and NBT-NS poisoning, MITM6, BloodHound enumeration, AD CS abuse, LSASS and LSA secret dumping, DCSync, SMB-based code execution, and DNS A record injection (CVE‑2025‑33073). For each technique I engineered KQL analytics rules in Microsoft Sentinel, calibrated thresholds against baseline traffic to limit false positives, and verified that each rule fired against live attack traffic.

Alongside the detections I wrote a remediation guide covering hardening measures for every attack class, and delivered a full realization document as the formal internship deliverable.

What I learned

This internship taught me that a detection only has value once it survives contact with real attack traffic and real background noise. Writing the queries was the easy part. The hard part was calibrating thresholds so a password spray rule alerts on an actual attack without drowning the analyst in failed logon noise from everyday users. Forcing myself to attack first and detect second changed how I think. I stopped writing rules for the textbook version of a technique and started writing them for the messy events that Windows actually logs. I also learned how much the deliverable itself matters, because a finding that a colleague cannot reproduce or remediate from my documentation simply does not exist. That is why I paired every detection with a concrete remediation and clear evidence.

Skills & Competencies

Offensive and defensive security across Active Directory, network protocols, application security, and vulnerability research.

Offensive Security

Active Directory Pentesting · Windows Privilege Escalation · Credential Attacks & Lateral Movement · Web & Mobile Pentesting

Vulnerability Research

CVE Discovery & Disclosure · PoC Development · Windows Internals & LPE · Bug Bounty

Detection Engineering

SIEM & Detection Rule Development · Network Security Monitoring · SOC Architecture

Engineering & Infrastructure

Security Tooling & Automation · Lab Infrastructure · Network Architecture · Protocol Implementation

Projects & Achievements

A selection of projects I've built, contributed to, or am proud of.

CTF Event BSides Limburg
Kubernetes · Security · DevOps · Group Project

Built the infrastructure for a real-world CTF competition platform for BSides Limburg on a self-hosted Kubernetes cluster.

2026 · Thomas More

Hosting Platform
Infrastructure · DevOps · Group Project

A complete hosting platform with automated deployments, containerized services, and scalable infrastructure built from the ground up.

2025 · Thomas More

Voting System
Development · Security · Group Project

A secure NFC-based digital voting system with card authentication, a management dashboard, and real-time result tallying.

2024 · Thomas More

KubeArd
Kubernetes · DevOps · Infrastructure · WIP

A custom Kubernetes monitoring dashboard with real-time cluster visibility, per-user isolated instance management, and automated docker-compose-to-Kubernetes conversion.

2026 · Personal

SOC Case
Security · Infrastructure

Designed and built a full Security Operations Center on a home lab with Security Onion, OPNsense, TLS inspection, and custom alerting software.

2026 · Thomas More, CyberSec

Homeserver
Infrastructure

Self-hosted infrastructure running Proxmox with multiple VMs and containers for learning, experimentation, and hosting services.

Ongoing · Personal

API Case Study
Development

A demo project on how APIs can be used in Windows PowerShell.

2025 · Thomas More

DIY Drone
Hardware · IoT · Group Project

Designed and assembled a custom drone from scratch, including electronics, flight controller programming, and calibration.

2022 · TIO

Security Research & CVEs

Independent research into Windows attack surfaces, privilege escalation chains, and misconfigured services, all responsibly disclosed to vendors.

CVE-2026-4255 · HIGH · 8.4

Thermalright TR-VISION HOME: DLL Injection Privilege Escalation

LPE · DLL SIDE-LOADING · WINDOWS · CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A

A DLL search order hijacking vulnerability in Thermalright TR-VISION HOME (Windows 64-bit) allows a local attacker to escalate privileges via DLL side-loading. The application loads DLL dependencies using the default Windows search order, which includes directories writable by unprivileged users. Because the application always executes with administrative privileges and performs no integrity or signature verification on loaded libraries, an attacker can plant a crafted DLL in a user-writable path that is searched before trusted system locations, causing attacker-controlled code to run with elevated privileges. Affects all versions up to and including 2.0.5.

CWE-829 · Published 2026-03-16 · CNA: Toreon
Thermalright TR-VISION HOME ≤ 2.0.5

Ongoing Research

Additional Findings: Pending Disclosure

Beyond the published CVE, I actively research Windows desktop software attack surfaces, focusing on privilege escalation chains, insecure service configurations, and DLL loading weaknesses in consumer applications.

Several additional findings are currently in active vendor coordination and have not yet been publicly disclosed. Details will be published here once the responsible disclosure process is complete.

All research follows responsible disclosure practices: vendors are contacted privately and given adequate time to patch before any public release.

Education & Experience

Applied Informatics, Year 3

Thomas More Hogeschool, Geel

Final year with specializations in Cybersecurity (SOC, Ethical Hacking), SKIL3 (Kubernetes CTF platform for BSides Limburg), Wireless Networking (LoRa, MQTT), and IT Service Management.

Applied Informatics, Year 2

Thomas More Hogeschool, Geel

Deepened knowledge in infrastructure, networking and API development. Built projects including a hosting platform and voting system.

Applied Informatics, Year 1

Thomas More Hogeschool, Geel

Foundation in programming, databases, networking fundamentals, and systems administration. Started building my first homeserver setup.

Let's Connect

Interested in working together or just want to say hi? Feel free to reach out.

Let's work together

Interested in collaborating or want to know more? Feel free to reach out via email or connect with me on LinkedIn.
