My Projects

Here is an interactive view of my main projects. Hover your mouse over different sections of the wheel to see their names, then click to explore each universe. Each project reflects a key skill from my cybersecurity journey.

Pentest

Pentesting is the skill I am most interested in for my future career.
I have completed several projects / tasks, each slightly different from the others.

Summary:

Root-Me
VulnHub / AD Intrusion
C2 Server

Root-Me

Root-Me is an ethical hacking challenge platform.
It has hundreds of challenges ranging from level 1 to level 5.
Challenges are spread across multiple categories: App-Script, App-System, Cracking, Cryptanalysis, Forensics, Programming, Realistic, Network, Steganography, Web-Client and Web-Server.
Each completed challenge earns points based on difficulty and contributes to a global ranking.

I have been active on Root-Me since October 2024 and enjoy discovering new vulnerabilities / protocols in my free time.
I mainly worked on Web (Client & Server) and Programming sections.
This experience helped me master tools like BurpSuite, understand JWT, handle Python requests, and spot problematic PHP / HTTP header vulnerabilities.

To see my profile and achievements: click here.

VulnHub / Active Directory Intrusion

One of our second-year projects focused on pentesting. The goal was to access a VulnHub machine and perform privilege escalation to find the admin flag.
The second part was to access an Active Directory server in a GOAD environment (Game Of Active Directory) created by Orange-CyberDefense, to learn about major unprotected AD vulnerabilities.
For the VulnHub VM, we had to write a Write Up explaining each command, why we used it, and what each option did.
This project helped me learn about Networks, Web, Cryptography, and Systems.
I provide my Write Up below.

Write Up: Lupin One

Click to open

C2 Server (In progress)

This infrastructure is part of our final year project at IUT Annecy.
The goal is to get familiar with "Mitre Caldera," a Red-Team audit tool developed by Mitre Attack.
The infrastructure runs on a GNS3 VM hosted on a server for external access.
It consists of a Kali machine, an Ubuntu machine running the C2 server with Mitre Caldera, and a target network.
The network includes: a firewall, a target machine, a Windows 2019 AD server, a Linux server, and an RDS.
The goal is to simulate an attack to mimic a Red-Team audit for a company.
See the topology below.

Programming

Programming showed me computing differently than everyday computer use.
It connects imagination and reality, allowing you to execute ideas. Naturally, I discovered Python.
Today, this discipline remains one of my favorites, both academically and personally.
Over the years, I learned many programming languages, including those shown here: HTML, CSS, and JavaScript.
I also learned others during my studies or self-taught online: PHP, SQL, PYTHON, C++, and JAVA.

Summary:

File Processing - Python
Signal Processing - Python
Pentest Tool - Python
Log Analyzer - C++

File Processing - Python

During my first year, I completed a SAE (Learning and Evaluation Situation) to improve my Python basics.
The project consisted of creating a data management program with a console interface.
The file contained 36,700 different municipalities.
This allowed me to learn the basics: variables, loops, conditions, functions, and file handling.

Python Code

View Code

Signal Processing - Python

In second year, I worked on a signal processing project in Python.
The goal was to analyze audio signals and apply filters (low-pass, high-pass).
I used libraries such as NumPy, Matplotlib, and SciPy for data manipulation and visualization.
This project introduced me to scientific computing and complex data analysis.

Python Code

View Code

Pentest Web Tool - Python

6YZU is a personal tool I developed to automate some pentesting tasks.
It includes scripts for network scanning, service enumeration, and common vulnerability exploitation.
I integrated modules for BurpSuite, Metasploit, and Nmap to centralize workflows.
This is an ongoing project I regularly use for CTFs and Root-Me challenges.

Python Code

View Code

Log Analyzer - C++

I learned C++ independently in my free time.
Being lower-level than Python, it helped me understand memory management, pointers, and object-oriented programming.
I created several C++ projects, including a real-time log analyzer with a colored console interface.
This tool parses large log files (8,000+ lines), detects critical errors (ERROR, CRITICAL, WARNING),
and allows multi-word searches with color-coding by severity.
This project taught me file stream handling, robust user input management, and ANSI sequences for Windows colorization.

C++ Code

View Code

Telecommunication

Telecommunications are at the heart of many modern IT systems.
I worked on several projects involving signal processing and wireless network infrastructures.

Summary:

Signal Processing
WiFi Infrastructure

Signal Processing

This is the telecommunication-focused part of the Signal Processing SAE whose code you could see in the programming section.
The goal was to understand the different processing operations that can be applied to an incoming signal to derive conclusions.
Here I processed the signal and calculated:
- its bilateral FFT
- its carrier
- its AM modulated signal
- its bilateral DSP (in dBm)
- the bilateral DSP of the AM modulated signal
- the mixture of AM signal and carrier (dem1)
- the DSP of dem1 signal
- the DSP of the demodulated signal (dem2)
I then compared the original audio signal with the demodulated dem2 signal.
Finally, I compared the demodulated signal with and without synchronization errors.

This learning and evaluation situation, although coded in Python, was highly focused on signal processing.
It allowed me to learn a lot about different methods used in telecommunications and various operations possible on an audio signal.

Figure 1: Audio signal + bilateral FFT

🔍 Click to enlarge

Figure 2: Carrier + AM modulated signal

🔍 Click

Figure 3: Bilateral DSP (dBm)

🔍 Click

Figure 4: AM x Carrier (0.01s)

🔍 Click

Figure 5: DSP dem1 signal

🔍 Click

Figure 6: DSP dem2 signal

🔍 Click

Figure 7: Audio vs demodulated comparison

🔍 Click

Figure 8: With/without sync error

🔍 Click

WiFi Infrastructure

The Tremo project consisted of deploying a complete WiFi infrastructure for a remote site.
We had to configure access points, manage VLANs, and secure the network with WPA3-Enterprise.
I learned to use WiFi controllers (like UniFi), optimize radio coverage with heat maps,
and diagnose interference with tools like Wireshark and Ekahau.
This project raised awareness of common WiFi vulnerabilities (Evil Twin, deauth attacks) and mitigation techniques.

Networks

Networks are the backbone of cybersecurity.
I worked on several projects involving infrastructure, routing, and network traffic security.
I only include one project here for now because most of my network work was either in labs or certification (found in the "certif" section of the wheel).
You can find my network skills on my CV, to view it, click here.

Summary:

Integrative Project

Integrative Project

The integrative project is a transversal project combining all network fundamentals.
It involves deploying a complete network infrastructure for a fictitious company:
Completed in the final year of first-year BUT.
- Inter-VLAN routing with Cisco routers
- DHCP/DNS server configuration
- VoIP
- Automating admin tasks via PowerShell

This project helped consolidate my knowledge of IPv4/IPv6, Active Directory, VoIP, VLANs, subnets, and maintenance.
I also learned to document infrastructure (network diagrams, addressing plans, deployment procedures).
Unfortunately, I have no screenshots for this project; I performed it directly on the IUT server using the EVE-NG virtualization tool.

Mobile / Web

Mobile and web development are complementary skills in cybersecurity,
allowing understanding of client and server-side vulnerabilities.
These are the vulnerabilities I master best given my Root-Me profile (see Pentest section).
I apologize in advance; I have no proof of my Mobile / Web projects.
Both SAEs were conducted on temporary IUT Annecy servers, and for the professional site with Stripe integration and database, I was not granted permission by the site owner.

Summary:

Mobile Development
Web Client/Server
Websites

Mobile Development

I developed a mobile application using Cordova during a second-year project.
The app allowed browsing a range of movies via an online API.
I added features to filter by genre, relevance, rating, and other data provided by the API.
I learned to design user interfaces on phones, fetch information from an external API, and understand Cordova compilation to deploy the app.
All while consolidating my HTML, CSS, and JavaScript skills.

Web Client / Server

During my second year, I completed a SAE to deepen understanding of web languages (Client and Server).
The goal was to create a secure site for a fictitious company, in my case, a driving school.
In pairs, we created user, instructor, and admin interfaces.
We used HTML, CSS, and PHP.
The site had to interact with a MySQL database.
Interactions included account creation/login and different access levels based on user type.
User: view instructors and book driving sessions.
Instructor: create/delete/modify available slots and restrict certain users.
Admin: delete slots/users and approve instructor accounts.

This project taught me:
- Session / cookie management
- Database management and table interactions
- Server-side practices for different views on the same page
Also:
- SQL injections (using prepared statements)
- CSRF (Cross-Site Request Forgery)
- Poor PHP session handling

I learned to secure applications with proper HTTP headers (CSP, HSTS, X-Frame-Options),
validate user input, and implement salted authentication systems.

Websites

I also developed various websites.
First, this Portfolio shows my skills visually in HTML/CSS/JavaScript.
My goal was an intuitive, clean, professional site representing my capabilities.
I hope my goal is achieved if you are reading this!

Second, I developed a website for a person selling online courses (who requested anonymity).
The site included secure session systems with different access levels depending on membership.
I also integrated a payment platform (Stripe) with different amounts based on user subscription, rights, and durations.
This project improved my professional context experience, where users pay money and expect quality UX.
Security is crucial: account access, data confidentiality, password hashing/salting, and overall data integrity.

Certifications

Certifications obtained during my studies.

CCNA 1 & 2

Focused on networks, my studies allowed me to obtain Cisco Certified Network Associate (CCNA).
I earned CCNA1 in first year and CCNA2 in second year.
This training covers all essential infrastructure concepts for companies of all sizes.
I learned about availability and security to ensure a safe and reliable connection for all users.
I learned to configure switches and routers following best practices.
This certification is essential because network/cybersecurity of company devices is strategic for global IT infrastructure.

CSNA & CSNE (In progress)

My training allowed me to take the Stormshield Network Administrator (CSNA) certification.
This covers managing Stormshield firewalls.
It includes objects, address translation, filtering rules, site-to-site IPSec VPN, and SSL VPN.

I am currently pursuing Stormshield Network Expert (CSNE).
This follows CSNA and focuses on concepts rather than click-by-click firewall operations.
It covers object configuration and NAT policy, protocol event handling, PKI concepts, SSL proxies, IPSec VPN with certificates, GRE/GRETAP tunnels, certificate-based transparent authentication, and high availability.

My Projects

📄 SAE Data Processing.py

📄 SAE Signal Processing.py

📄 6YZU.py

📄 LogAnalysis.cpp