
Offensive Security Experience
Penetration Testing & Security Engineering Intern — DATAPROTECT (2026–Present) Final-year Cybersecurity Engineering student at National School of Applied Sciences, currently interning inside the cybersecurity division on offensive security assessments, helping the team find vulnerabilities, test internal controls, and harden client infrastructure.
Offensive Security Intern — Association CyberV (July 2025) I ran a full penetration test against a live Active Directory environment, mapped privilege escalation paths, simulated lateral movement, and wrote up a remediation report for the team. → Read the case study: My First Internship In Offensive Security
Ongoing practice I keep my skills sharp through CTFs (mostly digital forensics) and I’m currently working through the TryHackMe Junior Penetration Tester path.
AI & Security Automation Projects
AI-powered OSINT platform for investigative journalists 🏆 1st place, Gemini Hack Night Built a privacy-first OSINT tool for journalists doing sensitive investigations. It automates source collection and threat-intel lookups, and uses the Gemini API to parse and extract data automatically, so reporters get what they need with less digital exposure.
SecurFlow: Threat intelligence pipeline for CI/CD Built a GitHub Actions pipeline that pulls in live threat intel, scores incoming CVEs by risk, and uses a local LLM to turn each one into a plain-language explanation and patch plan, so a dev doesn’t need a security background to act on it.
CryptoLint-AI: Android cryptographic auditor A static analysis tool for Android apps that flags cryptographic weaknesses in the code, then feeds the results to an LLM to generate risk scenarios and suggested fixes.
A few other things I’ve built: a steganography/steganalysis toolkit for detecting hidden data in files, and an automation layer that maps security logs to MITRE ATT&CK techniques to speed up alert triage for SOC teams.
Infrastructure & Systems
I’ve built and hardened infrastructure end to end: a PKI setup with RADIUS authentication and NAC policies to control network access, virtualized lab environments in VMware vSphere and Proxmox, and a hardened Asterisk VoIP deployment. I’ve also done a deep technical comparison of Linux iptables vs. BSD Packet Filter, how each handles rule evaluation and packet inspection under the hood.
Full-Stack Projects (Built with Security in Mind)
Two of my school projects: a CRM platform in Java and a library management system in PHP, both database-backed, and both built with security considerations baked in from the start (input validation, access control, data handling).
Tools & Skills
Networking: Cisco fundamentals — routing/switching, subnetting, TCP/IP Security tools: Kali Linux, Metasploit, Nmap, Wireshark, Burp Suite, Active Directory, Fortigate firewalls Beyond the technical: I lead on the projects I’m part of, and I make a point of taking every chance I get to speak publicly about my work.