_____ __ _______ ___ _ _____ _____ ___ ______ ____ _____ _____ ___ _____ __
/ ____/_ |__ __/ _ \ | | | __ \| __ \ / _ \| ____|___ \| ____| ____|/ _ \| __ \/_ |
| | __ | | | | | | | | __ _ | | __ __ _ | |__) | |__) | | | | |__ __) | |__ | |__ | | | | |__) || |
| | |_ || | | | | | | | / _` | | |/ / / _` | | ___/| _ /| | | | __| |__ <|___ \|___ \| | | | _ / | |
| |__| || | | | | |_| | | (_| | _ | < _ | (_| | | | | | \ \| |_| | | ___) |___) |___) | |_| | | \ \ | |
\_____||_| |_| \___/ \__,_| (_) |_|\_\ (_) \__,_| |_| |_| \_\\___/|_| |____/|____/|____/ \___/|_| \_\|_|
Cybersecurity Researcher · Software Engineer · Computer Science & 42 Network Student
Cybersecurity-focused software engineer with practical experience in system security, web application security, and low-level programming.
Currently completing the 42 Common Core, with emphasis on C programming, memory management, operating system fundamentals, and secure software design.
Active contributor to open-source ecosystems (Fedora Project) and continuous learner through CTFs, vulnerability research, and hands-on security experimentation.
"Security is not a product, but a process." – Building secure systems through deep understanding and responsible disclosure.
|
|
- Network & Web Penetration Testing – Identifying vulnerabilities in web applications and network infrastructure
- OWASP Top 10 – Practical exploitation and remediation of common web vulnerabilities
- SQL Injection & XSS – Advanced injection techniques and bypass methods
- Authentication Bypass – Session management, JWT, OAuth vulnerabilities
- Security Misconfigurations – Server hardening and secure deployment practices
- Linux Hardening – SELinux, AppArmor, iptables, fail2ban
- Secure Code Review – Static analysis and manual code auditing
- Security Monitoring – Log analysis, SIEM, intrusion detection
- Incident Response – Threat detection, forensics, and remediation
- Threat Modeling – STRIDE, attack trees, risk assessment
Active Categories: Web · Crypto · Forensics · OSINT · Reverse Engineering · PWN · Steganography
- Participated in multiple CTF competitions (HTB, THM, PicoCTF)
- Security writeups and vulnerability disclosures
- Continuous skill development through practical challenges
- Vulnerability Assessment – Systematic evaluation of application security posture
- Exploit Development – Understanding and developing proof-of-concept exploits
- Security Automation – Python and Bash scripts for security testing
- Open Source Contributions – Security improvements to public repositories
Penetration Testing & Exploitation
┌─ Web Application Testing
│ ├─ Burp Suite Professional │ Advanced web vulnerability scanner
│ ├─ OWASP ZAP │ Web application security testing
│ ├─ SQLMap │ Automated SQL injection exploitation
│ └─ Nikto │ Web server scanner
│
┌─ Network Reconnaissance
│ ├─ Nmap │ Network discovery and security auditing
│ ├─ Masscan │ Fast port scanner
│ ├─ Wireshark │ Network protocol analyzer
│ └─ tcpdump │ Packet capture and analysis
│
┌─ Exploitation Frameworks
│ ├─ Metasploit Framework │ Penetration testing framework
│ ├─ Exploit-DB │ Vulnerability database
│ └─ SearchSploit │ Exploit search tool
│
└─ Password & Hash Cracking
├─ Hashcat │ Advanced password recovery
├─ John the Ripper │ Password cracking
└─ Hydra │ Network login cracker
🔍 Reverse Engineering & Binary Analysis
- IDA Free / Ghidra – Disassembler and decompiler
- GDB / PEDA – Advanced debugging
- radare2 / Cutter – Binary analysis framework
- objdump / nm / strings – Binary inspection utilities
- strace / ltrace – System and library call tracing
🐧 Operating Systems & Environments
- Kali Linux – Primary penetration testing distribution
- Fedora – Daily driver and development environment
- BlackArch – Comprehensive security toolkit
- Parrot OS – Security and privacy-focused distribution
- Ubuntu Server – Production and testing environments
|
Systems Programming • C Language
├─ Memory management
├─ Systems programming
├─ Low-level security
└─ Buffer overflow analysis |
Security Automation • Python 3
├─ Exploit development
├─ Security tooling
├─ Web scraping
└─ Data analysis |
System Administration • Bash Scripting
├─ Linux automation
├─ Security hardening
├─ Log parsing
└─ Process monitoring |
| Framework | Focus Area | Proficiency |
|---|---|---|
| OWASP Testing Guide | Web application security testing | ⭐⭐⭐⭐⭐ |
| MITRE ATT&CK | Threat intelligence and tactics | ⭐⭐⭐⭐ |
| NIST Cybersecurity Framework | Risk management and security controls | ⭐⭐⭐⭐ |
| PTES | Penetration testing methodology | ⭐⭐⭐⭐ |
| OSSTMM | Security testing methodology | ⭐⭐⭐ |
| Current Certifications | https://www.credly.com/users/orgito-leka |
- OSCP (Offensive Security Certified Professional)
- CEH (Certified Ethical Hacker)
- CompTIA Security+
- eJPT (eLearnSecurity Junior Penetration Tester)
- 42 Network – Core curriculum with focus on C programming and Unix systems
- Security Research – Daily vulnerability research and exploit analysis
- Lab Practice – Dedicated home lab for security testing and research
- Write-ups & Documentation – Sharing knowledge through technical documentation
Active CTF Competitor OWASP Top 10 Practitioner
Security Researcher Open Source Contributor
Secure Software Developer 42 Network Student
Linux Security Enthusiast DevSecOps Advocate
| Platform | Link |
|---|---|
| Connect for professional networking | |
| GitHub | @orgito1015 |
| TryHackMe | View my THM profile |
| lekaorgito@gmail.com | |
| @CTFPlayer1 |
| Platform | Link |
|---|---|
| 💬📢 Discord | CyberSecurity Enthusiasts |
def security_mindset():
"""
Security is not about making something completely unbreakable,
but about making the cost of breaking it exceed the value gained.
"""
principles = {
'defense_in_depth': True,
'least_privilege': True,
'fail_securely': True,
'security_by_design': True,
'continuous_learning': True
}
while True:
learn()
practice()
share_knowledge()
improve_security()