Skip to content
Wadie Bouanfar

Cybersecurity Engineer · Spain · EU citizen

Wadie Bouanfar

Designing secure systems.
Understanding software from the inside out.

View selected work
Glass towers photographed from below against an overcast sky

01About

I secure systems by understanding exactly how they fail — layer by layer, down to the metal.

My path into cybersecurity began during my computer engineering degree at Universitat Jaume I with a simple frustration: I could build systems that worked, but I couldn't fully explain what was happening underneath them. Networks, operating systems, memory — every layer I was told to treat as a black box felt like an unread chapter. So I started opening those boxes, and I never really stopped.

That curiosity became a discipline during my master's in Cybersecurity and Privacy at UOC. For my thesis I built a bare-metal Zero Trust laboratory and then attacked it myself — simulating destructive ransomware against the very backup infrastructure designed to survive it. Defence only convinces me when it has been tested against a real, well-understood attack; that principle runs through everything I do.

Today I work across both sides of the field: auditing systems and networks, building automation that turns hours of manual analysis into minutes, and training offensive skills through pentesting labs and CTF challenges. I'm steadily going deeper into reverse engineering and malware analysis — Ghidra, assembly, the internals most people avoid — because the lowest layers are where security is truly decided.

Focus

Infrastructure Security & Zero Trust

Malware & Ransomware Analysis

Security Automation

Languages

Spanish — Native

Arabic — Native

French — Native

English — Professional

Valencian — Fluent

German — Basic

A calm, minimal office interior with dark walls and clean lines

02Experience

2025 — 2026

Backup Server Hardening & Ransomware Analysis

Master's Thesis — UOC

Architected and deployed a bare-metal Zero Trust laboratory on Proxmox VE and Proxmox Backup Server, then simulated destructive ransomware attacks (MITRE ATT&CK T1490, wiper mode) against it. Implemented data immutability, micro-segmentation and strict RBAC, authored an open-source hardening guide, and achieved an optimal recovery time objective.

2025 — 2026

IT Security Audits

Technical assessments

Performed technical audits on computer systems and local networks: identifying insecure configurations, evaluating access policies and detecting vulnerabilities. Delivered detailed technical reports with prioritised corrective measures.

2025

Automated Network Analysis Tool

Security automation

Developed an automated tool for discovering active hosts and open ports in local networks, with service and version analysis, vulnerability identification and password strength evaluation. Generated preventive reports with prioritised recommendations.

2024

Pentesting & CTF Practice

Hack The Box · TryHackMe

Completed numerous Capture The Flag challenges and penetration testing labs, applying command injection and other offensive techniques with Nmap, Burp Suite and Gobuster, and conducting vulnerability assessments end to end.

03Selected Work

Dark server racks with cabling behind mesh doors

01 · Zero Trust · Master's Thesis

Ransomware-Resilient Backup Infrastructure

Problem

Modern ransomware doesn't just encrypt production systems — it hunts down the backups first (MITRE ATT&CK T1490). If the recovery infrastructure itself can be reached and destroyed, every other defence is theatre.

Solution

A bare-metal Zero Trust laboratory built on Proxmox VE and Proxmox Backup Server behind pfSense: micro-segmented networks, strict RBAC with scoped API tokens, and immutable backup storage. I then played the attacker — scripting destructive, wiper-mode ransomware simulations against the lab to prove the design held under a real T1490 scenario.

Results

  • Immutable backups survived simulated wiper-mode ransomware attacks
  • Optimal recovery time objective achieved and measured
  • Open-source operational hardening guide published from the findings

Proxmox VE · Proxmox Backup Server · pfSense · Zero Trust · RBAC · MITRE ATT&CK

Earth at night photographed from orbit, city lights tracing networks

02 · Security Automation

Automated Network Analysis Tool

Problem

Assessing a local network by hand — enumerating hosts, ports, services and weak credentials — takes hours of repetitive work and produces inconsistent notes rather than evidence a team can act on.

Solution

An automated pipeline that discovers active hosts and open ports, fingerprints services and versions, identifies known vulnerabilities and evaluates password strength through controlled brute-force techniques. Every run ends in a preventive report with recommendations ranked by priority.

Results

  • Full network assessment reduced from hours of manual work to one command
  • Weak and default credentials surfaced before an attacker finds them
  • Prioritised, repeatable reports replace ad-hoc findings

Python · Bash · Nmap · Hydra · Rclone

Two engineers annotating printed diagrams between open laptops

03 · Vulnerability Assessment

IT Security Audits

Problem

Most systems don't fall to exotic exploits — they fall to insecure configurations, over-permissive access policies and unpatched services that nobody had examined systematically.

Solution

Technical audits of computer systems and local networks: reviewing configurations against hardening baselines, evaluating access policies, and detecting vulnerabilities across the attack surface. Each audit closes with a detailed technical report of prioritised corrective measures the owner can execute immediately.

Results

  • Insecure configurations and access-policy gaps identified before exploitation
  • Findings ranked by real risk, not scanner severity
  • Reports written to be actioned, not archived

Linux · Network Security · Vulnerability Analysis · Technical Reporting

Macro photograph of a printed circuit board with a central processor

04 · Pentesting · CTF

Offensive Security Practice

Problem

You cannot design credible defences against techniques you have never executed. Offensive skills decay unless they are practised against realistic, hostile targets.

Solution

Sustained, hands-on training across Hack The Box and TryHackMe: penetration testing labs and CTF challenges covering enumeration, web exploitation, command injection and privilege escalation — with Nmap, Burp Suite, Gobuster and ffuf as working instruments rather than checklist items.

Results

  • Numerous CTF challenges and pentesting labs completed
  • Offensive techniques feed directly into audit and hardening work
  • Cisco Ethical Hacking certification completed alongside the practice

Nmap · Burp Suite · Gobuster · ffuf · Linux · Command Injection

04Capabilities

From disassembly to deployment — one continuous discipline.

Security & Analysis

  • Ghidra
  • Wireshark
  • Burp Suite
  • Nmap
  • Hydra
  • Gobuster
  • ffuf
  • Malware Analysis
  • Assembly
  • SIEM · IDS/IPS

Infrastructure & Systems

  • Linux · Unix
  • Windows
  • Proxmox VE
  • Virtualization
  • pfSense
  • Zero Trust Architecture
  • Apache · Nginx
  • Zabbix · Nagios

Programming & Automation

  • Python
  • C
  • Java
  • Bash
  • PowerShell
  • JavaScript · Vue
  • PHP
  • MySQL · PostgreSQL
  • MongoDB
  • Git
White modern architecture against a bright sky

05Education

2025 — 2026

M.Sc. Cybersecurity and Privacy

Universitat Oberta de Catalunya (UOC). Thesis: backup server hardening and ransomware analysis in a bare-metal Zero Trust laboratory.

2021 — 2025

B.Eng. Computer Engineering — Information Technology

Universitat Jaume I (UJI). Specialisation in Information Technology: networks, operating systems, security and software engineering.

06Certifications

Ethical Hacking

Cisco Networking Academy

2025 · Completed

07Contact

Let's build something that holds.

I'm open to security engineering roles, infrastructure hardening work and research collaborations across Europe. If you'd like to talk, write to me — I read everything.

[email protected]