About Me
Hello! I am a Cybersecurity Engineer with a strong foundation in network security, threat hunting, and application security. My approach combines deep theoretical knowledge with aggressive, hands-on continuous learning.
Core Competencies & Technical Skills
- Defensive Security & SecOps: Threat Hunting, Threat Intelligence, SIEM/SOAR Engineering (Splunk, Wazuh), EDR & XDR, Advanced SPL Queries, Endpoint Hardening (Sysmon, systemd), Digital Forensics (FTK Imager, HxD), Incident Response.
- Offensive Security & Red Teaming: Penetration Testing, Cloud Exploitation (AWS S3, DynamoDB), Privilege Escalation, Web App Vulnerabilities (OWASP Top 10), MITRE ATT&CK, Adversary Emulation (Atomic Red Team).
- Intelligence & OSINT: Passive Reconnaissance, Image Intelligence (IMINT/Geolocation), Data Breach Analysis, Maltego, Recon-ng, Automated Web Scraping.
- AI & Machine Learning: Local LLMs (Ollama, Llama 3.1), Agentic Workflows, Applied Data Science (CRISP-DM), Encrypted Traffic Analysis, Classification Models (Random Forest, Scikit-Learn).
- Cloud, Network & Infrastructure: AWS, Google Cloud (GKE, Cloud Armor), Docker, Active Directory, Linux / Kali Linux, Network Architecture (Cisco CCNA), Wireless Security (LANforge Wi-Fi), Wireshark, Nmap.
- Software Engineering, AppSec & DBs: Python (Automation, psutil, BeautifulSoup), C++, Dart/Flutter, Bash, SPL, SQL, Django (Secure Architecture), Git (GitHub, GitLab), PostgreSQL, MySQL, Redis.
- Governance, Risk & Compliance (GRC): NIST Framework, Risk Scoring (CVSS 3.1), Cloud Risk Assessment, Threat Modeling, Disaster Recovery Planning (DRP), Business Continuity (BCP), RTO/RPO Metrics.
- Soft Skills: Analytical Thinking, Problem-Solving, Adaptability, Time Management, Team Collaboration.
- Languages: English (B2), Polish (C1), Ukrainian (Native), Russian (Native).
Featured Projects
AI-Powered SOC Automation
Developed a SOAR-like integration using Llama 3.1 and Wazuh to automate incident analysis and remediation, significantly reducing alert fatigue.
Advanced Threat Hunting Lab
Simulated APT29 tactics in a controlled environment using Splunk and Sysmon. Authored complex SPL queries to detect lateral movement.
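The lab above detects lateral movement with SPL in Splunk. The following is an added illustration, not the lab's own queries, of the same detection idea in Python: fan-out of SMB/RDP/WinRM connections from one host and user to many distinct destinations inside a sliding time window, run over a few constructed Sysmon Event ID 3 (NetworkConnect) records shipped as JSON lines. The field names follow Sysmon's schema; the hostnames, users, IPs, port set, window and threshold are assumptions chosen for the example.

```python
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Ports typically used for remote logon / execution: RPC-DCOM, SMB, RDP, WinRM (assumed set)
LATERAL_PORTS = {135, 445, 3389, 5985, 5986}

# Constructed Sysmon Event ID 3 records, flattened to JSON lines as a forwarder
# would ship them. Not real telemetry: WS01/alice fans out to six hosts in under
# three minutes; WS02/bob talks repeatedly to one file server plus one WinRM host.
SAMPLE_EVENTS = r"""
{"EventID": 3, "UtcTime": "2025-01-15 09:00:00.000", "Computer": "WS01", "User": "CORP\\alice", "DestinationIp": "10.0.0.11", "DestinationPort": 445}
{"EventID": 3, "UtcTime": "2025-01-15 09:00:10.000", "Computer": "WS01", "User": "CORP\\alice", "DestinationIp": "10.0.0.99", "DestinationPort": 443}
{"EventID": 3, "UtcTime": "2025-01-15 09:00:30.000", "Computer": "WS01", "User": "CORP\\alice", "DestinationIp": "10.0.0.12", "DestinationPort": 445}
{"EventID": 3, "UtcTime": "2025-01-15 09:01:00.000", "Computer": "WS01", "User": "CORP\\alice", "DestinationIp": "10.0.0.13", "DestinationPort": 445}
{"EventID": 3, "UtcTime": "2025-01-15 09:01:30.000", "Computer": "WS01", "User": "CORP\\alice", "DestinationIp": "10.0.0.14", "DestinationPort": 445}
{"EventID": 3, "UtcTime": "2025-01-15 09:02:00.000", "Computer": "WS01", "User": "CORP\\alice", "DestinationIp": "10.0.0.15", "DestinationPort": 445}
{"EventID": 3, "UtcTime": "2025-01-15 09:02:30.000", "Computer": "WS01", "User": "CORP\\alice", "DestinationIp": "10.0.0.16", "DestinationPort": 3389}
{"EventID": 3, "UtcTime": "2025-01-15 09:00:00.000", "Computer": "WS02", "User": "CORP\\bob", "DestinationIp": "10.0.0.50", "DestinationPort": 445}
{"EventID": 3, "UtcTime": "2025-01-15 09:05:00.000", "Computer": "WS02", "User": "CORP\\bob", "DestinationIp": "10.0.0.50", "DestinationPort": 445}
{"EventID": 3, "UtcTime": "2025-01-15 09:07:00.000", "Computer": "WS02", "User": "CORP\\bob", "DestinationIp": "10.0.0.51", "DestinationPort": 5985}
{"EventID": 3, "UtcTime": "2025-01-15 09:09:00.000", "Computer": "WS02", "User": "CORP\\bob", "DestinationIp": "10.0.0.50", "DestinationPort": 445}
""".strip().splitlines()

# Roughly the same logic as an SPL search (illustrative, fixed buckets instead of a sliding window):
#   index=sysmon EventCode=3 DestinationPort IN (135,445,3389,5985,5986)
#   | bucket _time span=10m
#   | stats dc(DestinationIp) AS targets values(DestinationIp) AS dests BY _time Computer User
#   | where targets >= 5


def parse_event(line):
    """Parse one JSON line; Sysmon UtcTime is 'YYYY-MM-DD HH:MM:SS.mmm'."""
    ev = json.loads(line)
    ev["_ts"] = datetime.strptime(ev["UtcTime"], "%Y-%m-%d %H:%M:%S.%f")
    return ev


def detect_fanout(lines, ports=LATERAL_PORTS, window=timedelta(minutes=10), threshold=5):
    """Alert when one (host, user) reaches >= threshold distinct destinations on
    lateral-movement ports within a sliding window. Returns one alert per source,
    holding the window state at the last qualifying event."""
    events = sorted((parse_event(l) for l in lines if l.strip()), key=lambda e: e["_ts"])
    recent = defaultdict(deque)  # (Computer, User) -> deque of (ts, dest_ip) inside the window
    alerts = {}
    for ev in events:
        if ev.get("EventID") != 3 or int(ev.get("DestinationPort", 0)) not in ports:
            continue  # not a network-connect event, or not a port we care about
        key = (ev["Computer"], ev["User"])
        win = recent[key]
        win.append((ev["_ts"], ev["DestinationIp"]))
        cutoff = ev["_ts"] - window
        while win and win[0][0] < cutoff:
            win.popleft()  # expire connections older than the window
        targets = sorted({ip for _, ip in win})
        if len(targets) >= threshold:
            alerts[key] = {
                "source": key[0],
                "user": key[1],
                "window_end": ev["UtcTime"],
                "targets": targets,
            }
    return list(alerts.values())


if __name__ == "__main__":
    for alert in detect_fanout(SAMPLE_EVENTS):
        print(f"{alert['source']} {alert['user']} -> {len(alert['targets'])} hosts by {alert['window_end']}: {alert['targets']}")
```

Only WS01/alice fires: the 443 connection is ignored, and WS02/bob never exceeds two distinct destinations however many times it reconnects to the same server. In production the threshold would be tuned per role (a vulnerability scanner or backup host legitimately fans out) and the result joined with Event ID 1 process creation to see what initiated the connections.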
Encrypted Traffic Classification
Implemented ML models to identify malicious Command & Control (C2) patterns within DNS-over-HTTPS (DoH) traffic. Full implementation and research methodology available on GitHub.
Digital Forensics & Metadata Analysis
Developed custom Python tools for automated metadata extraction and performed raw hexadecimal analysis on forensic disk images to identify BitLocker encrypted volumes.
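The BitLocker identification described above comes down to one signature check: a BitLocker-encrypted volume carries the OEM ID `-FVE-FS-` at offset 3 of its volume boot record, where an NTFS volume carries `NTFS    `. The script below is an added example, not the page's own tooling, that walks an MBR partition table, reads each partition's first sector and classifies it by that OEM ID. It runs on a small constructed disk image built in memory (the partition layout, sector counts and type bytes are assumptions for the example); `scan_image_file` applies the same logic to a raw image on disk by seeking rather than loading it.

```python
import struct

SECTOR = 512
# OEM ID at offset 3 of a volume boot record (VBR)
BITLOCKER_OEM = b"-FVE-FS-"   # BitLocker (Full Volume Encryption) volume
NTFS_OEM = b"NTFS    "        # plain NTFS volume


def parse_mbr_partitions(mbr: bytes):
    """Return [(index, type_byte, lba_start, sector_count)] for the used primary MBR entries."""
    if len(mbr) < SECTOR or mbr[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature: not an MBR (GPT or a raw volume image?)")
    parts = []
    for i in range(4):
        off = 446 + 16 * i                      # partition table starts at 0x1BE, 16 bytes per entry
        ptype = mbr[off + 4]                    # partition type byte
        lba, count = struct.unpack_from("<II", mbr, off + 8)  # LBA start, sector count (little-endian)
        if ptype and count:
            parts.append((i, ptype, lba, count))
    return parts


def classify_vbr(vbr: bytes) -> str:
    """Classify a volume by the 8-byte OEM ID at offset 3 of its boot sector."""
    oem = vbr[3:11]
    if oem == BITLOCKER_OEM:
        return "bitlocker"
    if oem == NTFS_OEM:
        return "ntfs"
    return "unknown"


def find_bitlocker_volumes(read_at):
    """read_at(offset, length) -> bytes. Returns [(partition_index, lba_start, classification)]."""
    findings = []
    for idx, _ptype, lba, _count in parse_mbr_partitions(read_at(0, SECTOR)):
        vbr = read_at(lba * SECTOR, SECTOR)
        label = classify_vbr(vbr) if len(vbr) == SECTOR else "truncated"
        findings.append((idx, lba, label))
    return findings


def scan_image_file(path):
    """Scan a raw (dd/E01-exported) image without loading it into memory."""
    with open(path, "rb") as f:
        def read_at(offset, length):
            f.seek(offset)
            return f.read(length)
        return find_bitlocker_volumes(read_at)


def bytes_reader(image: bytes):
    """Adapt an in-memory image to the read_at interface."""
    return lambda offset, length: image[offset:offset + length]


def _vbr(oem: bytes) -> bytes:
    sec = bytearray(SECTOR)
    sec[0:3] = b"\xeb\x52\x90"   # typical jump at the start of a boot sector
    sec[3:11] = oem
    sec[510:512] = b"\x55\xaa"
    return bytes(sec)


def build_sample_image() -> bytes:
    """Constructed three-partition MBR image (assumed layout, not a real acquisition):
    partition 0 NTFS at LBA 2048, partition 1 BitLocker at LBA 4096, partition 2 unknown OEM at LBA 4097."""
    img = bytearray(SECTOR * 4098)
    img[510:512] = b"\x55\xaa"

    def entry(status, ptype, lba, count):
        return bytes([status, 0, 0, 0, ptype, 0, 0, 0]) + struct.pack("<II", lba, count)

    img[446:462] = entry(0x80, 0x07, 2048, 2048)   # bootable, type 0x07 (NTFS/exFAT)
    img[462:478] = entry(0x00, 0x07, 4096, 1)
    img[478:494] = entry(0x00, 0x0B, 4097, 1)      # type 0x0B (FAT32)
    img[2048 * SECTOR:2049 * SECTOR] = _vbr(NTFS_OEM)
    img[4096 * SECTOR:4097 * SECTOR] = _vbr(BITLOCKER_OEM)
    img[4097 * SECTOR:4098 * SECTOR] = _vbr(b"MSDOS5.0")
    return bytes(img)


if __name__ == "__main__":
    import sys
    results = scan_image_file(sys.argv[1]) if len(sys.argv) > 1 else \
        find_bitlocker_volumes(bytes_reader(build_sample_image()))
    for idx, lba, label in results:
        print(f"partition {idx} @ LBA {lba}: {label}")
```

Checking the OEM ID is the quick triage step; it tells you the volume is locked before any carving is attempted, which matters because the rest of the volume is ciphertext and string or file-signature searches against it are wasted effort. The example handles only primary MBR partitions: GPT disks, extended partitions and images of a single volume (no partition table) need the VBR located differently before the same check applies.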
Cloud Infrastructure Penetration Test
Executed a full attack chain on a simulated cloud environment (HTB), exploiting AWS S3 misconfigurations and local DynamoDB instances to achieve root privilege escalation.
Advanced OSINT & Threat Reconnaissance
Conducted deep-dive passive reconnaissance using Python (BeautifulSoup), Recon-ng, and Maltego to map organizational attack surfaces, analyze data breaches, and perform IMINT geolocation.
Business-Centric Cloud Risk Assessment
Conducted comprehensive risk analysis for a GCP-based e-commerce platform. Translated technical vulnerabilities into business impacts and designed Disaster Recovery (DRP) architectures utilizing Kubernetes and Cloud Armor.
Engineering Thesis: Django AppSec
Researched and implemented 33 comprehensive security practices for Python/Django web applications, covering secure authentication, OWASP Top 10 mitigation, and hardened Nginx/SSL deployments.
Formal Education
Developing an advanced master's thesis focused on AI-driven security orchestration and local LLM integration for automated SOC workflows.
Graduated in January 2025. Thesis focused on Web Application Security and implementing AppSec practices in Django.
Industry Certifications
Comprehensive training in SIEM tools, IDS, Python automation, and threat mitigation.
Advanced enterprise network architecture, routing protocols, and automated security mechanisms.
Focus on securing network infrastructure, VPNs, and firewall configurations.
Applied Artificial Intelligence frameworks for business processes and growth automation.
Hands-On Labs & Specialized Training
Theory is only half the battle. I spend my free time actively exploiting vulnerabilities in controlled environments and studying specialized network protocols.
Practicing offensive security, SOC analysis, and network exploitation in real-world simulated environments.
Specialized training in advanced Wi-Fi performance testing, network emulation, and wireless security analysis.
Hackathons & Workshops
Engaged in intensive two-day workshops focusing on digital forensics, incident response, and the intersection of AI/ML with cybersecurity.
Experienced in building AI-driven platforms from scratch and rapidly deploying local LLMs to solve complex problems in high-pressure environments.