Bachelor of Electronics-ICT · Thomas More

Hi, I'm Jorg Maas

Bachelor of Electronics-ICT student at Thomas More Geel, passionate about IT infrastructure, cybersecurity, and building systems that scale. I turn complex problems into clean, reliable solutions.

8+
Projects
3rd
Year Student
2026
Expected Grad.
1
Found CVE
Jorg Maas

Who I Am

A curious mind driven by technology, creativity, and a love for building things.

I am a final-year Bachelor of Electronics-ICT student (specialisation ICT) at Thomas More in Geel. My passion for technology and problem-solving has driven me to explore various aspects of IT, including infrastructure engineering, cybersecurity, networking, and software development. I enjoy tackling challenges and continuously improving my skills to stay ahead in the ever-evolving tech industry.

Outside of my studies, I have a variety of hobbies that help me maintain a balanced and creative lifestyle. I enjoy photography, capturing unique moments and landscapes. I also have a strong interest in strategy games and board games, which help me develop critical thinking and teamwork skills.

These hobbies, combined with my passion for IT, make me a well-rounded individual who is dedicated to achieving academic and professional success while also valuing creativity, teamwork, and personal growth.

Education

Bachelor of Electronics-ICT, specialisation ICT
Thomas More Geel · 2023–2026 (expected)

Focus Areas

Pentesting · Cybersecurity · Infrastructure · Kubernetes · Networking

Hobbies

Photography · Strategy & board games · Homelab tinkering · Building things

Curriculum Vitae

Download my CV (PDF)

Internship

During my final year I completed a full-time cyber security internship where I designed and delivered a production-grade detection engineering project around Active Directory.

Detecting Active Directory Attacks with Microsoft Sentinel

Resilix · Cyber Security Internship · 2026

Summary

For my internship at Resilix I built an end-to-end detection engineering project around Active Directory. I deployed a deliberately vulnerable AD lab (GOAD, Game of Active Directory) and a Microsoft Sentinel SIEM, then worked through a full attack chain from reconnaissance and enumeration all the way to domain compromise, so that every offensive technique could be paired with a reliable detection.

On the offensive side I executed and documented techniques such as Kerberoasting and AS REP roasting, password spraying, NTLM relay and coercion (PetitPotam), LLMNR and NBT NS poisoning, MITM6, Bloodhound enumeration, AD CS abuse, LSASS and LSA secret dumping, DCSync, SMB-based code execution, and DNS A record injection (CVE‑2025‑33073). For each technique I engineered KQL analytics rules in Microsoft Sentinel, calibrated thresholds against baseline traffic to limit false positives, and verified that each rule fired against live attack traffic.

Alongside the detections I wrote a remediation guide covering hardening measures for every attack class, and delivered a full realization document as the formal internship deliverable.

What I learned

This internship taught me that a detection only has value once it survives contact with real attack traffic and real background noise. Writing the queries was the easy part. The hard part was calibrating thresholds so a password spray rule alerts on an actual attack without drowning the analyst in failed logon noise from everyday users. Forcing myself to attack first and detect second changed how I think. I stopped writing rules for the textbook version of a technique and started writing them for the messy events that Windows actually logs. I also learned how much the deliverable itself matters, because a finding that a colleague cannot reproduce or remediate from my documentation simply does not exist. That is why I paired every detection with a concrete remediation and clear evidence.

Projects & Achievements

A selection of projects I've built, contributed to, or am proud of. Click any card to read more.

CTFd Event
Skills Integration Lab 3, Thomas More
Kubernetes Security DevOps Group Project

CTF Event BSides Limburg

Built the full infrastructure for a real-world Capture The Flag competition platform for BSides Limburg on a self-hosted Kubernetes cluster.

Try Demo
Read more →
2026 Thomas More
SOC Case
Cyber Security & Security Operations, Thomas More
Security Infrastructure

SOC Case

Designed and built a full Security Operations Center on a home lab with Security Onion, OPNsense, TLS inspection, and custom alerting software.

Read more →
2026 Thomas More, CyberSec
Hosting Platform
Skills Integration Lab 2, Thomas More
Infrastructure DevOps Group Project

Hosting Platform

A complete hosting platform with automated deployments, containerised services, and scalable infrastructure built from the ground up.

Try Demo
Read more →
2025 Thomas More
Voting System
Skills Integration Lab 2, Thomas More
Development Security Group Project

Voting System

A secure NFC-based digital voting system with card authentication, a management dashboard, and real-time result tallying.

Try Demo
Read more →
2024 Thomas More
API Case Study
Programming, Thomas More
Development

API Case Study

A demo project showing how REST APIs can be consumed in Windows PowerShell to retrieve real-time public transport data.

Read more →
2025 Thomas More
DIY Drone
Electronics Project, TIO
Hardware IoT Group Project

DIY Drone

Designed and assembled a custom drone from scratch, including electronics, soldering, flight controller programming, and calibration.

Read more →
2022 TIO
KubeArd
Personal Project
Kubernetes DevOps Infrastructure WIP

KubeArd

A custom Kubernetes monitoring dashboard with real-time cluster visibility, per-user isolated instance management, and automated docker-compose-to-Kubernetes conversion.

Try Demo
Read more →
2026 Personal
Local code scanner
Personal Project
Security Development AppSec WIP

Code Security Scanner

A fully local security scanner that runs inside VS Code, active web scanning, a Burp-style HTTPS recording proxy, and static analysis (SAST/SCA/IaC/container) driven through a custom MCP server.

Read more →
2026 Personal
Homeserver
Personal Project
Infrastructure

Homeserver

Self-hosted infrastructure running Proxmox with multiple VMs and containers, used for learning, experimentation, and as the backbone for other projects.

Read more →
Ongoing Personal

Skills & Competencies

Select a domain below to explore my technical competences in depth.

Offensive Security
Vulnerability Research
Detection Engineering
Engineering & Infrastructure

Offensive Security

Active Directory Pentesting Windows Privilege Escalation Credential Attacks & Lateral Movement Web & Mobile Pentesting

Vulnerability Research

CVE Discovery & Disclosure PoC Development Windows Internals & LPE Bug Bounty

Detection Engineering

SIEM & Detection Rule Development Network Security Monitoring SOC Architecture

Engineering & Infrastructure

Security Tooling & Automation Lab Infrastructure Network Architecture Protocol Implementation

Security Research & CVEs

This section documents my independent security research, conducted in my own time outside of coursework and employment. All findings are responsibly disclosed to vendors before publication.

CVE-2026-4255 HIGH 8.4

Thermalright TR-VISION HOME: DLL Injection Privilege Escalation

LPE DLL SIDE-LOADING WINDOWS CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A

A DLL search order hijacking vulnerability in Thermalright TR-VISION HOME (Windows 64-bit) allows a local attacker to escalate privileges via DLL side-loading. The application loads DLL dependencies using the default Windows search order, which includes directories writable by unprivileged users. Because the application always executes with administrative privileges and performs no integrity or signature verification on loaded libraries, an attacker can plant a crafted DLL in a user-writable path that is searched before trusted system locations, causing attacker-controlled code to run with elevated privileges. Affects all versions up to and including 2.0.5.

CWE-829 Published 2026-03-16 CNA: Toreon
Thermalright TR-VISION HOME ≤ 2.0.5
Ongoing Research

Additional Findings: Pending Disclosure

Beyond the published CVE, I actively research Windows desktop software attack surfaces, focusing on privilege escalation chains, insecure service configurations, and DLL loading weaknesses in consumer applications.

Several additional findings are currently in active vendor coordination and have not yet been publicly disclosed. Details will be published here once the responsible disclosure process is complete.

All research follows responsible disclosure practices: vendors are contacted privately and given adequate time to patch before any public release.

Education & Experience

My academic path from secondary school through to my Bachelor's degree, along with the skills and competences I developed along the way.

Bachelor of Electronics-ICT, specialisation ICT, Year 3

Thomas More Hogeschool, Geel

  • Cybersecurity specialisation: ethical hacking, SOC case, and detection engineering.
  • Skills Integration Lab 3 (SKIL3): built Kubernetes CTF platform for the real-world BSides Limburg event.
  • Wireless Networking: LoRa, MQTT, and IoT protocols.
  • IT Service Management and project methodology.
  • Internship at Resilix: Active Directory detection engineering project with Microsoft Sentinel.

Bachelor of Electronics-ICT, specialisation ICT, Year 2

Thomas More Hogeschool, Geel

  • Deepened knowledge in infrastructure, networking, and API development.
  • Skills Integration Lab 2 (SKIL2): built a hosting platform and a secure NFC-based voting system.
  • Expanded homeserver setup with additional virtualisation and monitoring services.

Bachelor of Electronics-ICT, specialisation ICT, Year 1

Thomas More Hogeschool, Geel

  • Foundation in programming, databases, networking fundamentals, and systems administration.
  • Built first homeserver setup with Proxmox and initial virtualisation experiments.
  • Completed introductory modules in hardware, operating systems, and web development.

Let's Connect

Interested in working together or just want to say hi? Feel free to reach out.

Let's work together

Interested in collaborating or want to know more? Feel free to reach out via email or connect with me on LinkedIn.

Send an Email Download PGP