cybersparky@kali:~

CYBERSPARKY

Securing code. Shipping safe.

↓

01. about_me

Security engineer with a focus on application security, DevSecOps, and building secure-by-default pipelines. I work at the intersection of development and security — embedding SAST, SCA, and container scanning into CI/CD workflows so vulnerabilities get caught before they ship.

My day-to-day involves working with tools like Semgrep, Snyk, and Wiz to enforce security guardrails across codebases and cloud infrastructure. I write code in Python, Java, JavaScript, and C++ — which helps me think like both the developer and the attacker.

Outside of work, I'm a CTF enthusiast, constantly learning new exploitation techniques and staying sharp on the offensive side to better understand what I'm defending against.

$ cat focus.txt

Application Security • DevSecOps • SAST/SCA • Container Security

$ neofetch --security

roleSecurity Engineer

focusAppSec / DevSecOps

languagesPy, Java, JS, C++

toolsSemgrep, Snyk, Wiz

infraDocker, Podman, GHA

vibesCTFs, Anime, Coffee

$ ls ~/certs/

CAISP

Certified AI Security Professional

↳ Practical DevSecOps

CDP

Certified DevSecOps Professional

↳ Practical DevSecOps

GCC

Google Cybersecurity Certificate

↳ Google

02. skills_&_arsenal

Python

Java

JavaScript

C++

03. ctf_writeups

$ ls ~/writeups/ --recent

PwnDrivewebmedium

PwnTillDawn — Exploiting a PHP-based file storage application on a Windows Server through unauthenticated admin user creation, arbitrary file upload, and a PHP webshell to achieve remote code execution with SYSTEM privileges.

→

Portspwneasy

PwnTillDawn — Exploiting the infamous vsftpd 2.3.4 supply-chain backdoor — a compromised FTP daemon that opens a root shell on port 6200 when triggered by a specially crafted username.

→

Snarewebmedium

PwnTillDawn — Leveraging a Local File Inclusion vulnerability to achieve Remote File Inclusion, obtaining a reverse shell via PHP, then escalating to root by manipulating the shadow file.

→

>Explore all 7 writeups

04. contact

$ echo "Let's connect"

GitHub LinkedIn Email

Available for: AppSec Collaboration • CTF Teams