$ whoami
| Personal | Information |
|---|---|
| First name | Dimitrije |
| Last name | Djokic |
| Birth | 1997 |
| Localisation | Paris |
Studies
- 2015 : Scientific High School Diploma - ES (Engineer Sciences)
- 2015-2017 : Classe Préparatoire aux Grandes Ecoles - PSI* (Physics, Industrial Sciences)
- 2020 : Engineer graduate from the École Supérieure d'Ingénieurs Léonard de Vinci - IBO (Computing, Big data & Internet of things)
Professional Experiences
Optimization and automation of password recovery in a penetration testing case scenario Intern
Orange Châtillon, France (04/2019 - 08/2019)
- Setup of the work environment: dedicated server with dedicated software
- Getting started with the different types of hash encountered by the team (
MD5,NTLM,md5crypt,sha512crypt,bcrypt). - Getting started with the different tools used to perform password recovery:
hashcat&John the Ripper - Getting started with the different approaches: wordlist attack, bruteforce attack, use of rules & masks.
End result: creation of a bash script taking a list of hash as an input, automatically recognizing the type of hash, and depending on the hash, launching different attacks and generating a wordlist on the go.
Internet of Things penetration testerIntern
Orange Cyberdefense Rennes, France (03/2020 - 09/2020)
- Realisation of a connected city model/miniature.
- Setup & attack on a 433 MHz radio module using a
HackRF One. - Setup & attack on a RFID tag reader / access control using a
Proxmark v3. - Firmware dump of an active component through the debug port using a
FTDI wire - Setup & attack on a LoRaWAN network used to centralize parking data using
Universal Radio Hacker.
Cybersecurity Engineer
Risk & Co Levallois-Perret, France (10/2020 - now)
As a cybersecurity engineer, I have participated in multiple cybersecurity audits across the globe (France, Netherlands, USA, UK, Brazil).
That gave rise to the opportunity of being chosen as the lead auditor for onsite cybersecurity audits in Uganda, and being one of the only two people sent onsite for the audit of an offshore platform.
The audits included whenever possible conformity audits, configuration audits, architecture reviews, penetration testing and technical team interviews.
As a matter of fact, working mostly in industrial environments, penetration testing and proof of concept were not always the norm, but a good knowledge of what is possible is needed in order to properly inform our clients.
The end result is a final report gathering all the findings (whether actual vulnerabilities or good practice information), their potential risk, and their mitigation under the look of recommendations and an action plan.