Penetration Tester at Private Sector
2
Talks Delivered
2
Events Spoken At
1
Countries Visited
1
Years Speaking
2
Total Talks Given
My journey in cybersecurity didn't start at the finish line. I built my foundation from the ground up, working extensively as a Security Analyst and Penetration Tester. Those early years spent analyzing defenses gave me the perspective I needed to evolve into my current role as a Head RND practitioner and Red Teamer.
Sharing knowledge has always been a core part of my professional growth. Since 2012, I have been actively presenting materials on network security, Man-in-the-Middle attacks, and wireless security within university environments. This passion for research eventually led me to my current specific focus: biometric security.
To truly test the limits of these systems, I realized I needed to build my own arsenal. This led me to develop several custom security tools specifically for biometric device pentesting, including zksentinel, Bac0d, GAMPAR, Tab0k, B0c0r, and BA RAT.
I’ve been fortunate enough to share the insights from this development journey on larger stages like IDSecConf, where I first presented "Semi-automating Vulnerability Scanner and Exploitation in Biometric Systems." Most recently, I took that research further with a talk titled "Beyond the Match: From Biometric Bypass to Full Control - The Post-Exploitation Secrets Red Teams Use."
At the end of the day, my goal isn't just to break systems, but to understand them deeply. My sincere hope is that the tools and knowledge I share can serve as useful resources for others and contribute positively to our community."
Areas of Expertise
Presentation Types
Audience Types
While traditional biometric security research focuses on "spoofing" sensors (using fake fingerprints or masks), this presentation shifts the paradigm to the underlying operating system of the device itself. It demonstrates that a successful attack does not end with the "Match" (opening the door); that is merely the beginning.
This session explores how Red Teams utilize compromised biometric IoT devices as persistent footholds. By treating biometric controllers not as sensors but as vulnerable, unmonitored Linux/Android servers, attackers can establish Command & Control (C2) channels, exfiltrate sensitive PII, and pivot deeper into the corporate network—often remaining undetected by standard security monitoring.
This presentation introduces a modular framework for assessing the security posture of biometric attendance and access control devices. By utilizing a "Dual-Script" methodology—separating reconnaissance (BAC0D/ZKSentinel) from active exploitation (TAB0K/BA RAT)—this research demonstrates how easily physical security IoT devices can be compromised to gain unauthorized physical access and lateral network movement.
