This section highlights a few of my recent projects. Take a look, and if you'd like to know more, feel free to request additional information here.
A critical assessment of Sweden's national cybersecurity readiness, based on interviews, government reports, and hands-on field observations. The study also compares Sweden's strategic posture to other digitally advanced nations, highlighting the gaps between policy and practice, and outlining what is required to close them.
Deployed and fine-tuned Snort IDS to monitor and analyze network traffic for threats. Custom detection rules were written to identify malicious patterns, generate actionable alerts, and support real-time intrusion detection.
Used Splunk to query and analyze log data, focusing on detecting suspicious activity and understanding how attacker tactics can be identified through logs. By writing custom queries in SPL, I learned how the language works in practice and developed a better eye for spotting anomalies and unusual patterns in data.
Analyzed a simulated phishing-based compromise of a Windows workstation where I investigated an automated alert generated by an EDR solution, correlated logs in Kibana via Elastic Agent, and identified attacker activity including remote code execution, enumeration, privilege escalation, and persistence.
A hands-on Suricata project where I deployed, installed, and configured the IDS/IPS from scratch, generated malicious traffic to validate detections, and analyzed how alerts were processed and logged in a live environment. From there, I focused on reducing false positives and improving detection accuracy by tuning the ruleset using a .config file.
Worked hands-on with incident investigations and threat analysis in Microsoft Sentinel, digging through logs, spotting suspicious patterns, and strengthening my KQL skills to piece together full attack paths.
HammerCrack is a command-line utility for efficient recovery code enumeration and cracking, built specifically for a CTF challenge. The CLI tool also features a built-in rate-limit bypass through dynamic XFF IP rotation.
A company security policy tailored for IT departments and non-technical staff, built on NIS2, ISO 27001, and the CIA triad. Covers access control, employee training, vulnerability and risk management, data protection (GDPR-compliant), incident response, and business continuity.
A 51-page professional penetration test report based on my assessment against the OWASP Juice Shop machine. Includes full scope, Rules of Engagement, findings with risk ratings, and actionable remediation. The report demonstrates a structured professional methodology and provides an in-depth analysis ready for client delivery.
Analyzed both vulnerable and secure code examples in PHP, Node.js, Python, and C# to understand the root causes of Reflected, Stored, and DOM-based XSS. Identified flaws in realistic code snippets and practiced placing proper mitigations in the source code.
A project where we collaborated as a team to develop a hotel booking system using C#, MySQL, and supporting technologies. The system enabled administrators to manage customers, create and update bookings, and search reservation data.
Developing a custom Python-based workflow that automates vulnerability discovery and exploitation. Nmap scan results are parsed and matched against a CVE database, then prioritized using a trained machine learning model. High-risk findings trigger automated Metasploit exploits.