I’m a 7th-semester Computer Science student (Cybersecurity specialization) at PJATK Warsaw with a strong passion for ethical hacking, web application security, and creating Capture The Flag (CTF) challenges.
I combine a hands-on approach with continuous learning to stay at the cutting edge of offensive security.
Profile
- Hands-on CTF player and creator – Top 7% on TryHackMe and global rank #940 on HackTheBox.
- Active contributor to the PJATK Security Research Club – delivering talks, leading workshops.
- Developer of custom security tools and challenges – from reverse shells to full Docker-based CTFs.
- Seeking opportunities in Security Testing, Red Teaming, or SOC/Blue Team operations.
| Area |
Skills & Tools |
| Security Operations |
Wazuh SIEM, Incident Response, Log Analysis, Threat Hunting, Network Monitoring |
| Offensive Security |
Web App Testing, OWASP Top 10, Burp Suite, Nmap, Metasploit, Gobuster/Wfuzz, Hydra, sqlmap, WPScan |
| Programming & Scripting |
Python, Bash, Java, C++, C# |
| Systems Administration |
Windows Server & Active Directory, Linux (Ubuntu, Debian, Arch, Kali) |
| Reverse Engineering |
Ghidra, Binwalk, Wireshark |
| Other |
Git/GitHub, Docker & Docker Compose, CTF design |
| Languages |
Polish (Native), English (B2) |
Education & Certifications
- PJATK Warsaw – Computer Science (Cybersecurity), 7th Semester
- HackerU Polska – Cyber Security (Red Team), 2022–Present
Certificate ID RM241020CDV/3 (Aug 2021)
Experience Highlights
- PJHACK 2025 – Co-organized a CTF competition for 40+ participants, built 3 original challenges and Docker-based infrastructure.
- KPMG App Security Training – Participated in hands-on workshops focusing on OWASP Top 10 vulnerabilities.
- Student Security Research Club – Delivered a presentation on JWT security to ~60 attendees.
CTF Challenges I Created
| Title |
Tags |
Description |
| OniGiriCo |
docker,docker-compose,web,cookies,LFI |
A fictional onigiri store hiding its secret ingredient – uncover its vulnerabilities to reveal the secret. |
| NullDivision |
docker,docker-compose,web,mobile,reverse-engineering |
A hacker-group investigation CTF with a mobile app to reverse engineer. |
| IChat |
docker,docker-compose,web,flask,XSS,JWT |
Messenger-like chat vulnerable to attacks. Can you extract the admin secret? |
| Project |
Tech |
Description |
| Gatekeeper Write-Up |
Buffer Overflow, Exploitation |
My personal guide to exploiting a CTF challenge. |
| revgen |
Java/Bash |
A command-line tool to quickly generate reverse shells. |
| NullDivision |
Flask, Kotlin |
Self-made reverse-engineering CTF challenge. |
| Hexagon Game |
C++/SFML |
A full-featured board game with custom particle effects. |
Talks & Workshops
- “JWT Security Deep Dive” – Presented to ~60 participants at PJATK Security Research Club.
- Regularly contributing to discussion panels, code reviews, and knowledge sharing within the club.
Current Focus
- Developing a web application penetration testing proxy tool for my engineering thesis.
- Experimenting with new exploitation techniques and advanced reverse engineering.
- Expanding skills in SOC operations and incident response.
© 2025 Oskar Biernacki. All rights reserved.
