Geert Smelt
Where It All Began
From an early age, I was interested in understanding how things work. As a child, I
enjoyed taking toys apart to see how they functioned on the inside. In my teenage
years, this curiosity extended to computers, where I spent time learning about
their components and eventually built my own gaming PC. My passion for
technology led me to pursue a degree in Computer Science at Radboud University
in Nijmegen, followed by a Master’s degree with a focus on Information Security
Technology.
The Journey So Far
Even before completing my Master’s degree, I started working at a small company
specializing in web application security. This role allowed me to put my academic
knowledge into practice and learn from real-world challenges. Not long after, I
decided to take a step forward in my career and joined Madison Gurkha in
Eindhoven.
I have always been driven to learn and grow, which eventually motivated me to
become a Red Teamer. To achieve this, I worked on developing my software
building skills, which proved useful for understanding and testing programs as an
attacker. In my free time, I also improved my skills through platforms like Hack the
Box. These efforts allowed me to become a full-time Red Team operator and later
a Red Team lead.
Over time, I developed an interest in emerging technologies such as cloud and
containerization. I decided to focus on these areas as well, eventually becoming a
Red Team lead with expertise in cloud attacks. I also was the main driving force
behind building and improving the team’s infrastructure as code setups.
Areas of Expertise
My skills focus on offensive security areas such as Active Directory, cloud
environments, SaaS platforms, and containerized systems. I also have strong
interests in programming, infrastructure as code, and hacking challenges like
Hack the Box and Capture the Flag tournaments. These activities help me to
continuously build my knowledge and stay updated with the latest developments
in the field.
My Most Memorable Project
One of the most interesting projects I’ve worked on was as the Red Team lead for
a security assessment of a major electrical grid operator in the Netherlands. This
project involved testing both digital and physical security. One of the objectives
was to infiltrate a high-voltage power plant at night to install a device for long-term
network access.
Getting the job done required careful planning and using various tools, such as
getaway vehicles, lock picks, night vision cameras, and other burglar equipment.
We managed to bypass the physical defenses, install the device, and secure longterm
remote network access, all without triggering any alarms.
The project demonstrated some serious risks and highlighted the importance of
protecting critical infrastructure. I was thankful to be part of an attack simulation
that ultimately improved the security of such critical infrastructure, and am relieved
it was only a simulation.