Career Profile
I am a proven Cyber Security leader with over a decade of multi-national (EU, APAC, MENA) management, technical and operational leadership experience. With a uniquely broad range, in-depth knowledge and experience across multiple growth sectors, specializing in Cyber Security focusing on Law Enforcement. I am recognized as being highly agile, quickly assimilating and adapting to business change while delivering best of breed solutions to the customer.
I have worked for a plethora of Law Enforcement & Government Agencies worldwide (50+ countries), including the innovation, evaluation & development of systems and solutions to address the growing criminal space in the Cyber Security area.
I am an extremely strong, influential communicator and sought presenter at conferences. Which helps me in bridging the needs of a technical team, sales requirements and C-level decision makers.
I understood early that security has to be built into the innovation process and innovation is the key to bring a company forward. I am very committed to making a product or business better, more secure and hence minimizing business risks. I am a critical thinker with demonstrated ‘out of the box’ real life examples.
Experiences
Skills & Proficiency
- Applied Hacking for Governmental Operations
- Covert IT Operations - Real Scenarios
- Cyber Solutions for The Fight Against Crime
- Hacking The Human Element
- Keeping up with the Pace New Hacking Tools & Techniques for Practical Operations
- Maximum Impact - The Evolution of IT Investigation
- Next generation Governmental Surveillance
- Real-Life practical IT Intelligence Operations
- Remote Exploitation of Smartphone and PCs - Reality vs Marketing
- Strategic and Tactical Wi-Fi Surveillance
- WiFi Intelligence Gathering - A Key Piece of the Strategic Intelligence Puzzle
- Illuminating the Dark - Technologies for Unmasking Darknet Criminals
- OSINT, HUMINT, SIGINT
- Cyber Investigations
- Intelligence Gathering
- Social Engineering
- Lawful Interception
- Information Security
- Vulnerability Assessment
Projects
Currently, no active or maintained projects, tools or research can be published due to confidentiality agreements.
Published timeframe: 1998 - 2005
Vulnerability in BitDefender for Mail Servers, which can be exploited by malware to bypass detection. The vulnerability is caused due to an error when parsing attachments and can be exploited via a specially crafted UUencoded mail with multiple attachments. Successful exploitation causes malware in an attachment to pass the scanning functionality undetected. The vulnerability has been reported in engine versions 1.6.1 and prior for Linux and FreeBSD.
zigstack is for hardening the TCP/IP Stack (e.g. against DoS-Attacks) of Windows NT, 2000, XP, 2003-based workstations and servers.
Spoofed Packet Generator for Windows & dDoS network testing tool.
ipcshares can deactivate (or activate) the so-called IPC$-shares of WindowsNT, 2000 & XP computers. Those shares are enabled by default and can pose a security risk.
igmpflood is a simple tool for sending malformed IGMP packets to test the hardening of a target address.
RCON protocol is used to administrate your Half-Life/Counter- Strike Server. This advisory shows that it transmits the administrator password in plaintext over the wire.
A paper describing the basics, functionalities and security weaknesses in the IEEE 802.11 (WLAN) standard. Includes a CLI wifi scanner running on Linux/UNIX.
Advisory on a default account used by the Microsoft IIS webserver for anonymous access which can be locked out. With this a website can be remotely shut down.
Advisory affecting Microsoft IIS webserver 4/5 by calling ISM.DLL which allows appending a set of charaters to force the webserver to display the source code of the requested file.
This document shows an attacking technique which allows to misuse secured connection like SSL.
This document describes how network sniffing works and how it can be (ab)used.