An attacker's mindset, a defender's goal
Cybersecurity consultant with 8+ years in offensive and defensive security — 5+ of them running audits and penetration tests across financial, mobility and large-scale consumer platforms. Full cycle: reconnaissance, vulnerability analysis, ethical hacking, impact and risk evaluation, and remediation follow-up.
From PhD to production
Six years as a PhD researcher at imec-DistriNet (KU Leuven), reverse-engineering large-scale web, mobile and browser platforms and proving impact with working exploits — now bringing that offensive mindset to real-world systems in industry.
Research & audits
-
99 API flaws in dating apps
Reverse-engineered the API attack surface of major dating platforms (e.g. Tinder) and uncovered 99 vulnerabilities exposing user data. Responsibly disclosed and fixed with the vendors. Presented at BlackHat USA.
-
Location privacy in fitness apps
Broke the location obfuscation in fitness trackers (e.g. Strava), built predictive models to demonstrate real-world impact, and proposed practical mitigations. Presented at BlackHat Asia.