Hello, I am
Lead Machine Learning Engineer · Security Researcher & Consultant · Strategic Technology Consultant
Mad scientist turned builder. I break things, and increasingly make them. I work at the intersection of Machine Learning and Security — from physics-inspired neural networks and diffusion models to exploit development, reverse engineering and cryptography. Lifetime CTF player and passionate flag collector.
• Machine Learning Consulting
• LLM Integration & Optimization
• Security Advisory
• Penetration Testing
• Forensic Analysis
• CTF Challenge Authoring
Lead Machine Learning Engineer — Cassiel.ai (Remote)
2025 – Ongoing
Integrating ML into a digital marketing pipeline
Cybersecurity Consultant — ExpressVPN (Remote)
2025 – Ongoing
Chief technical consultant for ExpressVPN blogs; authored and reviewed cybersecurity articles; ensured technical accuracy.
Strategic Technology Consultant — Webselenese (Remote)
2024 – Ongoing
Led a small team building internal workflow tools; optimized and integrated LLMs for strategic use.
Security Researcher / Security Architect — Webselenese
2020 – 2024
Discovered attack vectors; disclosed data leaks; performed security audits; developed security tooling.
Security Intern — Savunma Teknolojileri Mühendislik A.Ş.
2020
Participated in a penetration test for an airline; authored cybersecurity challenges for STMCTF2020.
Security Penetration Tester — Freelancer
2019 – 2020
Bug bounty and private contracts; delivered security and digital forensics solutions.
CTO & DevOps Engineer — Viper Technologies R&D (UK/Cyprus)
2018 – 2019
Managed development workflows; led web projects; implemented and maintained CI/CD.
Embedded Technologies Developer — Freelancer
2016 – 2018
Designed IoT-based embedded systems for industrial use; focused on workflow tracking and productivity.
Structure-preserving models for scientific systems and dynamics.
Hamiltonian & Lagrangian Neural Networks
Liquid Time-Constant Networks
Graph & Hyperbolic Neural Networks
Large-scale modeling and controllable generation.
Transformers (BERT, GPT, ViT)
Diffusion models, Flow Matching, ControlNet, DreamBooth
Fine-tuning (LoRA/QLoRA/DoRA), DPO
Vulnerability research and automated analysis.
Reverse engineering & binary exploitation
Realtime deobfuscation with interpreter-assisted analysis
Password analytics with Markov models
Applied cryptography & post-quantum primitives
C
C++
C#
Python
Java
JavaScript
TypeScript
PHP
Go
Haskell
Lex
CUDA
Bash
Powershell
Vala
Assembly (x86/ARM/MIPS/AVR)
SQL
LaTeX
Typescript
Version Control (Git), unit testing, agile, design patterns
Databases: MySQL/MariaDB, PostgreSQL, MongoDB, ELK, CouchDB
Containerization: Docker
Linux in production, CI/CD pipelines, systemd
Embedded systems & microprocessors design
Computer Organization & CPU design
Logic Design
Wireless Comms, packet capture (tcpdump/Wireshark)
Protocol reverse engineering
Reverse Engineering: static (Ghidra, IDA), dynamic; debuggers (gdb/x64dbg) on x86/ARM; .NET and Java bytecode; deobfuscation
Penetration Testing: web, network, and cloud; Active Directory; post-exploitation (Linux/Windows); OSINT
Binary Exploitation: stack BOF, ROP/ret2*, heap (ptmalloc/tcache), mitigations (ASLR/NX/PIE/RELRO); basic browser/sandbox escapes
Cryptography: best practices, PKI, symmetric primitives, hashing, key exchange, TLS, homomorphic, post-quantum, differential cryptanalysis
Forensic Analysis & IR: disk/memory forensics, timeline and log analysis, malware triage
Threat Modeling & AppSec: secure code review, SAST/DAST, supply chain security
Cloud & Container Security: AWS/Azure/GCP, Docker/Kubernetes, IAM, secrets management
Detection & Monitoring: SIEM/ELK, network defense, packet capture (tcpdump/Wireshark), threat hunting
Vulnerability Management: scanning, prioritization, and remediation workflows
Reporting & Communication: clear, actionable findings with remediation guidance
Supervised & Unsupervised: regression, classification, clustering (K‑Means, DBSCAN), dimensionality reduction (PCA, t‑SNE, UMAP), anomaly detection
Neural Networks: feedforward, CNNs, RNNs/LSTM, attention mechanisms, Neural ODEs
Physics‑Inspired Architectures (emphasis): Hamiltonian Neural Networks (HNN) and Lagrangian Neural Networks (LNN), Liquid Time‑Constant Networks, Graph Neural Networks (GNNs), Hyperbolic NNs; structure‑preserving inductive biases, symplectic integrators
Transformer Architectures: BERT, GPT, ViT, encoder‑decoder models, self/multi‑head attention, positional encoding
Diffusion Models: DDPM, Stable Diffusion, Flow Matching, score‑based generative modeling, ControlNet, DreamBooth
Fine‑Tuning & Custom Training: LoRA/QLoRA/DoRA, PEFT, prompt tuning, adapters, hyperparameter tuning, RLHF/DPO
Adversarial Robustness: adversarial training (FGSM, PGD), robustness evaluation, certified defenses, data poisoning defenses
Supporting Tools & Optimization: CUDA acceleration, ONNX export, quantization, pruning, compression, dataset curation/augmentation, image generation pipelines, prompt engineering, experiment tracking (MLflow, Weights & Biases)
Theoretical Foundations: Differential & Kähler geometry, variational inference, functional analysis, probability & measure theory, optimization (convex/non‑convex), topology, statistical learning theory, quantum information
Turkish — Native
English — Fluent
French — Proficient
Spanish — Intermediate
Hidden Markov Models trained on leaked passwords for Markov-enhanced cracking.
C++ Python CUDA
Statistical study on 1B leaked credentials; datasets for research.
Python SQL
Puppeteer-powered client-side reflected XSS scanner.
Node.js
Synchronize programmable RGB devices to Spotify audio and metadata.
Python
Public PoC and comprehensive test kit for RAR archive vulnerability.
Python
Exploit tooling and PoC for WinRAR RCE (RaRCE).
Python
CUDA-powered PHP type-juggle payload generator for MD5 hashes.
CUDA
3D modeling and virtualization of METU Northern Cyprus Campus.
• STMCTF 2022 — 1st place
• HTB UniCTF finalist — 2022
• Metasploit Community CTF 2022 — 1st place
• BTK Siber Yıldız — 2nd place (2020)
• Metasploit Community CTF 2020 — 2nd place
• DEFCON 2020 CTF Qualifier — Finalist
• InfernoCTF 2019 — 1st place
• RITSEC 2019 — 2nd place
• UTCTF 2020 — 2nd place
• Hackistanbul 2019 (online) — 2nd place
• STMCTF 2019 (online) — 3rd place
• BTK Siber Yıldız — Finalist (2019)
Other Highlights
• Co-founded METU HackTheBox Community (2018)
• One of three with the rare "Exploit Maker" badge on HackTheBox
• CTF Challenge Author: STMCTF 2020, InCTF 2020, HTB × TMHC 2019
Uncovered a Microsoft server leak exposing 6.5TB of user data from Bing products.
Coverage →
Persistent XSS capable of RCE in Moodle (used by 170k+ institutions).
CVE-2020-27419, CVE-2021-20186
Auth bypass leading to code execution as NT AUTHORITY/SYSTEM.
CVE-2019-10008
Model selection, training pipelines, evals, MLOps, and deployment.
RAG, tooling, fine-tuning (LoRA/QLoRA), latency/throughput optimization.
Threat modeling, crypto and web security reviews, and risk analysis.
Actionable findings across web, network, and cloud scopes.
Incident response via log, memory, and disk image analysis.
Reverse, pwn, crypto, and web challenges for competitions.
Master's in Computer Engineering — Middle East Technical University NCC
2021 – 2025
Dismissed (ask me how)
B.S. in Computer Engineering — Middle East Technical University NCC
2016 – 2021
