_____ __ _______ ___ _ _____ _____ ___ ______ ____ _____ _____ ___ _____ __
/ ____/_ |__ __/ _ \ | | | __ \| __ \ / _ \| ____|___ \| ____| ____|/ _ \| __ \/_ |
| | __ | | | | | | | | __ _ | | __ __ _ | |__) | |__) | | | | |__ __) | |__ | |__ | | | | |__) || |
| | |_ || | | | | | | | / _` | | |/ / / _` | | ___/| _ /| | | | __| |__ <|___ \|___ \| | | | _ / | |
| |__| || | | | | |_| | | (_| | _ | < _ | (_| | | | | | \ \| |_| | | ___) |___) |___) | |_| | | \ \ | |
\_____||_| |_| \___/ \__,_| (_) |_|\_\ (_) \__,_| |_| |_| \_\\___/|_| |____/|____/|____/ \___/|_| \_\|_|
Cybersecurity Researcher · Software Engineer · Computer Science & 42 Network Student
Cybersecurity-focused software engineer with practical experience in system security, web application security, and low-level programming.
Currently completing the 42 Common Core, with emphasis on C programming, memory management, operating system fundamentals, and secure software design.
Active contributor to open-source ecosystems (Fedora Project) and continuous learner through CTFs, vulnerability research, and hands-on security experimentation.
"Security is not a product, but a process." – Building secure systems through deep understanding and responsible disclosure.
Organizations I have created and actively maintain on GitHub:
| Organization | Description | Link |
|---|---|---|
| JACSE | Journal of Applied Cybersecurity & Systems Engineering | https://github.com/JACSE-Journal |
| Tech With Orgito | Exploring and sharing the best in cybersecurity—tools, articles, books, and more! | https://github.com/TechWithOrgito |
| Cybersecurity Enthusiasts from 42 | Cybersecurity Community | https://github.com/Cybersecurity-Enthusiasts-from-42 |
Note: This section displays only organizations where I am the founder and creator,
not organizations where I am merely a member or contributor.
|
Focused on vulnerability discovery through systematic root-cause analysis and secure software architecture using defensive programming principles. Specialized in web application security, analyzing authentication/authorization mechanisms and strengthening them against emerging threats. |
Working with Linux internals to implement system hardening strategies and develop automated security testing frameworks. Experience spans container and cloud security architectures, with practical cryptographic implementations for secure system design. |
Network & Web Penetration Testing - Identifying critical vulnerabilities in web applications and network infrastructure
- OWASP Top 10 exploitation and remediation
- Advanced SQL Injection & XSS techniques with bypass methods
- Authentication Bypass - Session management, JWT, and OAuth vulnerabilities
- Security Misconfigurations - Server hardening and secure deployment
- Linux Hardening - SELinux, AppArmor, iptables, and fail2ban configurations
- Secure Code Review - Static analysis and manual code auditing
- Security Monitoring - Log analysis, SIEM integration, and intrusion detection
- Incident Response - Threat detection, forensics, and remediation
- Threat Modeling - STRIDE, attack trees, and risk assessment
Active Categories: Web · Crypto · Forensics · OSINT · Reverse Engineering · PWN · Steganography
Active participant in CTF competitions on platforms like HTB, THM, and PicoCTF. Contributing through detailed security writeups and responsible vulnerability disclosures, with continuous skill development through practical challenges.
- Vulnerability Assessment - Systematic evaluation of application security postures
- Exploit Development - Creating proof-of-concept exploits to demonstrate security weaknesses
- Security Automation - Custom Python and Bash scripts for security testing
- Open Source Contributions - Security improvements to public repositories
Penetration Testing & Exploitation
┌─ Web Application Testing
│ ├─ Burp Suite Professional │ Advanced web vulnerability scanner
│ ├─ OWASP ZAP │ Web application security testing
│ ├─ SQLMap │ Automated SQL injection exploitation
│ └─ Nikto │ Web server scanner
│
┌─ Network Reconnaissance
│ ├─ Nmap │ Network discovery and security auditing
│ ├─ Masscan │ Fast port scanner
│ ├─ Wireshark │ Network protocol analyzer
│ └─ tcpdump │ Packet capture and analysis
│
┌─ Exploitation Frameworks
│ ├─ Metasploit Framework │ Penetration testing framework
│ ├─ Exploit-DB │ Vulnerability database
│ └─ SearchSploit │ Exploit search tool
│
└─ Password & Hash Cracking
├─ Hashcat │ Advanced password recovery
├─ John the Ripper │ Password cracking
└─ Hydra │ Network login cracker
🔍 Reverse Engineering & Binary Analysis
My reverse engineering toolkit centers around powerful disassemblers and decompilers like IDA Free / Ghidra for deep binary analysis. I leverage GDB / PEDA for advanced debugging sessions, while radare2 / Cutter provides comprehensive binary analysis capabilities. My workflow includes essential utilities like objdump / nm / strings for binary inspection, complemented by strace / ltrace for tracing system and library calls.
🐧 Operating Systems & Environments
My operational environment spans multiple specialized Linux distributions, each serving a unique purpose. Kali Linux serves as my primary penetration testing distribution, while Fedora powers my daily driver and development workflow. For comprehensive security work, I utilize BlackArch with its extensive security toolkit, complemented by Parrot OS for privacy-focused security operations. Ubuntu Server rounds out my infrastructure for production and testing environments.
|
Systems Programming • C Language
├─ Memory management
├─ Systems programming
├─ Low-level security
└─ Buffer overflow analysis |
Security Automation • Python 3
├─ Exploit development
├─ Security tooling
├─ Web scraping
└─ Data analysis |
System Administration • Bash Scripting
├─ Linux automation
├─ Security hardening
├─ Log parsing
└─ Process monitoring |
| Framework | Focus Area | Proficiency |
|---|---|---|
| OWASP Testing Guide | Web application security testing | ⭐⭐⭐⭐⭐ |
| MITRE ATT&CK | Threat intelligence and tactics | ⭐⭐⭐⭐ |
| NIST Cybersecurity Framework | Risk management and security controls | ⭐⭐⭐⭐ |
| PTES | Penetration testing methodology | ⭐⭐⭐⭐ |
| OSSTMM | Security testing methodology | ⭐⭐⭐ |
| Current Certifications | https://www.credly.com/users/orgito-leka |
On my professional development roadmap, I'm pursuing industry-recognized certifications including the OSCP (Offensive Security Certified Professional) for advanced penetration testing mastery, CEH (Certified Ethical Hacker) to formalize my ethical hacking expertise, CompTIA Security+ as a foundational security certification, and eJPT (eLearnSecurity Junior Penetration Tester) to validate my practical penetration testing skills.
My learning journey is centered around the 42 Network core curriculum with deep focus on C programming and Unix systems. I engage in daily security research involving vulnerability analysis and exploit study. My dedicated home lab environment serves as a testing ground for security research and experimentation, while I actively contribute to the security community through detailed write-ups and technical documentation that helps others learn from my discoveries.
Active CTF Competitor OWASP Top 10 Practitioner
Security Researcher Open Source Contributor
Secure Software Developer 42 Network Student
Linux Security Enthusiast DevSecOps Advocate
| Platform | Link |
|---|---|
| Connect for professional networking | |
| GitHub | @orgito1015 |
| TryHackMe | View my THM profile |
| lekaorgito@gmail.com | |
| @CTFPlayer1 |
| Platform | Link |
|---|---|
| 💬📢 Discord | CyberSecurity Enthusiasts |
def security_mindset():
"""
Security is not about making something completely unbreakable,
but about making the cost of breaking it exceed the value gained.
"""
principles = {
'defense_in_depth': True,
'least_privilege': True,
'fail_securely': True,
'security_by_design': True,
'continuous_learning': True
}
while True:
learn()
practice()
share_knowledge()
improve_security()