Hey there, I’m María Victoria
I’m a passionate Cybersecurity student at the Benjamin Franklin Cummings Institute of Technology, specializing in network security, risk management, and incident response.
I’ve always been fascinated by how technology connects people, and how cybersecurity keeps those connections safe. My journey started with web development and digital marketing, where I learned the importance of secure systems and data protection. Today, I focus on strengthening cybersecurity defenses and understanding real-world attack patterns
Fun fact
Beyond the screen, I’m a runner, yoga and pilates lover.
Education
Benjamin Franklin Cummings Institute of Technology.
- Expected Graduation May 2026
Boston, MA
→ A.S Cybersecurity
Technical Projects
Cybersecurity Capstone Project – AD Penetration Test
→ Simulated attacks on a Windows Server 2022 AD environment using tools like Wireshark, Nessus, Nmap, Responder, Impacket, Empire, Mimikatz and Metasploit.
→ Identified critical CVEs, exploited
misconfigurations, escalated to SYSTEM, and extracted credentials.
→ Delivered risk-based
recommendations to improve security posture.
1st Place Winner, Annual Franklin Cummings Tech Hackathon.
→ Led a Digital Forensics and Incident Response (DFIR) investigation, leveraging Volatility for memory
analysis, Wireshark for network traffic inspection, and Windows Sysinternals for compromised
endpoint analysis to achieve a full attack timeline reconstruction.
CTF Competition with CyberTrust Massachusetts and Immersive.
→ Hands-on labs in Elastic, Velociraptor, and log analysis.
Developed practical skills in threat detection, digital forensics, and incident response.
IT Security Intern at Arbella Insurance
05/2025 – Present
→ Conducted risk assessments and vulnerability management by evaluating client systems, networks, and
applications, leveraging Rapid7 IVM to prioritize remediation based on CVSS scores and exploitability
metrics.→ Investigated anomalous traffic and threats using Darktrace Threat Visualizer, log analysis, and external
threat intelligence to detect and validate potential incidents.
→ Designed and deployed honeypots simulating MSSQL services to capture attacker behavior, extract
IOCs, and study intrusion techniques.→ Supported security monitoring and detection with tools including Microsoft Defender, Rapid7 IDR,
Project Doppler, AppSec, KnowBe4, and Nessus.
→ Drafted and updated internal procedures and incident response runbooks to standardize workflows and
improve incident handling consistency.→ Provided client consulting and cybersecurity guidance, advising on secure configurations,
logging/monitoring strategies, risk mitigation, and security awareness initiatives.
Founder & President
The Cyber Club At FCTECH
→ Established and lead the college’s first Cybersecurity Club, fostering student collaboration
through hands-on projects, certification/classes study groups, and professional development
initiatives.
PROJECTS
Active Directory Penetration Test
The project was a comprehensive internal penetration test (Ethical Hacking assessment) of a simulated corporate Active Directory (AD) environment named MVDM.LOCAL. The core objective was to simulate a real-world attacker’s tactics from an initial internal foothold to the highest level of control (Domain Admin/SYSTEM). The goal was to find exploitable security flaws and configurations that could lead to a full domain compromise.
Metasploitable 3
For this hands-on project, I deployed Metasploitable3 in a VMware virtual machine to create a deliberately vulnerable lab environment. I configured the VM, set up the virtual network, and used snapshots to safely practice penetration testing and vulnerability assessment in a realistic but controlled settings.
Deploy Active Directory With PowerShell & Create Users With The Batch File
I deployed a full Active Directory (AD) lab inside a VMware VM to automate Windows domain setup and user provisioning. The project demonstrates Windows Server administration, automation with PowerShell, and scalable user account creation for realistic lab and testing scenarios.
SMB attack using Responder – Capture Hashes and Crack Password
In this project, I set up a safe lab environment to evaluate SMB protocol vulnerabilities using the Responder tool. I captured authentication hashes in a controlled setting and performed password cracking tests to measure password strength. The goal was to identify weaknesses, document findings, and recommend countermeasures such as configuration hardening and password policies.
John The Ripper- Password Cracking
In this project, I conducted a practical SMB security assessment in a controlled lab environment. I captured SMB authentication hashes using Responder and then used John the Ripper to test password strength, identify weak credentials, and evaluate the resilience of user passwords. The exercise demonstrated password-cracking methodologies, hash handling, and the importance of strong password policies for network security.
Design a VLAN
I designed a network in Cisco Packet Tracer to segment different departments using VLANs. Each department (Sales, HR, IT) was assigned its own VLAN to improve network organization and security. I configured a trunk link between switches to carry traffic from all VLANs and set up inter-VLAN routing to allow controlled communication between departments. The project demonstrates VLAN configuration, and network segmentation best practices in a controlled lab environment.