Master's Projects on Hello Friend

Radio Communications Security

Sun, 25 Jan 2026 20:30:48 +0100

Wireless Security Auditing. See PDF Report

This report explores the vulnerabilities of IoT devices through SDR techniques. Conducted at Sorbonne University, the project addresses the inherent risks of radio communications, where signals propagate in open space, making them susceptible to interception and jamming.

The study utilizes a Raspberry Pi platform equipped with RTL-SDR and PlutoSDR hardware to analyze devices operating on various frequencies. Key experiments include:

Replay Attacks: Intercepting and re-emitting fixed codes to control smart plugs and roller shutters using tools like 433Utils and URH.
False Data Injection Attacks: Manipulating weather station displays by injecting forged temperature frames.
Advanced Signal Analysis: Moving to the 2.442 GHz band to reverse-engineer drone communications using GNU Radio, which involved bypassing XOR encryption and calculating CRC to retrieve a hidden flag.

The project demonstrates that many consumer IoT devices remain fragile due to the use of simple modulations (ASK/OOK) and the absence of protective mechanisms such as rolling codes or robust encryption.

Reverse Hardware Engineering

Mon, 19 Jan 2026 22:06:02 +0100

STM32F4 Firmware Extraction & Protocol Analysis. See PDF Report

Project Description

This project focused on hardware reverse engineering and the study of embedded systems. We dissected an STM32F4-based device to understand its internal logic and communication:

Firmware Extraction: Interfaced with the STM32F4 microcontroller via debug ports to successfully dump the internal memory and retrieve the binary payload.
Protocol Analysis: Identified and decoded TLV (Type-Length-Value) command structures used by the firmware to exchange data with external peripherals.

Reverse Software Engineering

Sat, 20 Dec 2025 18:06:05 +0100

Deep binary analysis of Command & Control (C2) components and malicious documents. See PDF Report

Project Description

This project focused on software reverse engineering and the study of complex infection chains. I dissected malicious components to understand their internal mechanics:

Binary Analysis: Used Ghidra and Binary Ninja to reverse-engineer a C2 component, analyzing its communication mechanisms and persistence capabilities.
Malicious Document Analysis: Investigated compromised XLS and PDF files, including macro flow analysis to identify execution vectors.
Infection Chains: Reconstructed the complete attack lifecycle, from document delivery to the execution of the final payload.

Added Value & Professional Objectives

This experience allowed me to develop a rigorous approach to static analysis and a deep understanding of malicious software architectures:

Infrastructure

Tue, 28 Oct 2025 18:19:03 +0100

Autonomous design, construction, and operation of an enterprise-grade infrastructure. See PDF Report

Project Description

This project moved beyond theory to gain hands-on experience with physical hardware. The objective was to build a complete enterprise network from scratch, focusing on security through strict network segmentation. By creating logical separation between administrative, user, and server domains, I ensured granular control over all traffic flows.

Key components deployed within this segmented architecture include:

Security & Observability: Implemented a full SIEM stack using Elastic (ELK), Fleet, Elastic Defend, and Auditd for centralized logging and alerting.
Identity & Collaboration: Deployed LDAP/LAM for centralized identity management and Nextcloud for secure collaboration.
Perimeter Security: Configured an OPNsense firewall for network control and a WireGuard VPN for secure remote access.
Automation: Used Ansible for streamlined deployment and configuration management.

Added Value & Professional Objectives

Working with real hardware required addressing complex operational issues, such as service interoperability and network misconfigurations, providing a full lifecycle experience:

Pentest

Sat, 27 Sep 2025 17:54:12 +0100

Penetration testing on a simulated enterprise infrastructure. See PDF Report

Project Description

This project, conducted at Sorbonne University, consisted of a comprehensive penetration testing exercise on Windows and Linux environments, including web application audits. I applied a rigorous end-to-end methodology:

Reconnaissance & Scanning: Used Nmap for network mapping and service discovery.
Web Analysis: Performed fuzzing and application penetration testing using Burp Suite.
Exploitation: Executed brute-force attacks via Hydra, researched CVEs on ExploitDB, and performed exploitation with Metasploit.
Reporting: Authored a detailed audit report covering vulnerabilities, impact analysis, and remediation recommendations.

Added Value & Professional Objectives

This experience allowed me to consolidate a strong foundation for my cybersecurity career: