applied security research
AUTHOR

Wesley Neelen

Wesley has over 7 years’ experience in the offensive security area working as a penetration tester. Next to his work assessing the security of infrastructures, he spends time researching trends within IT security and on developing defensive measures. Wesley also likes to actively assess the security of home automation, internet of things and 'smart' innovations. Some examples: one of the vulnerabilities discovered by Wesley, is a remote command execution (RCE) vulnerability in the Fibaro home center appliance. The vulnerability allowed to remotely obtain root access on the Fibaro device whenever the web interface is reachable. Another vulnerability that Wesley discovered is a vulnerability within a smartwatch cloud that disclosed the location history of about 300.000 of its users. Both vulnerabilities were fixed after contacting the owners of the products, making the world a little bit safer.

Check out his personal blog to see more of his work.

Follow me

Blogs

Hacking the traffic light of the future

Wesley Neelen - 06 aug 2020

Nowadays we are connecting everything we can think of to the internet. Usually to make our lives easier or more comfortable. Some of the new upcoming innovations are related to making our traffic smart with the goal to improve safety, comfort and the traffic flow. We dived into this technology to analyze the inner workings and identify potential security risks. Lees verder

Detect lateral movement with Azure Sentinel

Wesley Neelen - 01 jul 2020

Lately we have been setting up a the production network for our Zolder.App service. The network consists of multiple segments separated by a firewall. As an addition we wanted to add monitoring features into the network. If an attacker is in our network, we would like to get a notification. Lees verder

Security-by-design. Zo makkelijk is dat niet

Wesley Neelen - 16 jun 2020

Wesley beschrijft de complexiteit bij het bouwen van een netwerk infrastructuur: kies je voor veiligheid of werkbaarheid? Of is er een optimale mix? Lees verder

Inside a phishing panel

Wesley Neelen - 20 mei 2020

Dutch and Belgium citizens are receiving phishing attacks every day. But how does that exactly work? Lees verder

Office 365 – malicious applications

Wesley Neelen - 05 mei 2020

Wesley dives into the App Registrations feature of Microsoft Azure Active Directory. Finds ways to abuse it through delegate & application permissions and shares ideas howto protect from such abuse. Lees verder

Building a Zolder logo

Wesley Neelen - 22 apr 2020

Wesley writes about his most recent IoT project: building a Zolder logo with WS2812B ledstrips behind it, to give it some cool effects. Lees verder