About Me

Roman Števaňák [OSCP|CRTP]

My interest in cybersecurity developed at university, which led me to do a master's thesis in cryptography. During this time I also got a part-time job at the Slovak Governmental CSIRT, where I started with web pentesting. I came in contact with many important systems, which I helped to make more secure by discovering their vulnerabilities.

After graduating from the university, I was a security consultant for LIFARS. There I gained experience working with international companies. I performed web, external and internal penetration testing as well as phishing campaigns and took part in red team engagements. I also created an advanced phishing infrastructure, which is capable of bypassing 2FA and carrying out actions autonomously on behalf of phished users.

In security research, I discovered multiple vulnerabilities in projects like Kanboard. I also took part in research which gained a CVE (CVE-2021-27659), and in March 2021 I was listed in the Asus Product Security Advisory Hall of Fame.

I hold OSCP and CRTP certifications and I took part in many security courses, such as SANS 642 (Advanced Web App Penetration Testing), where I gained a challenge coin, which is awarded to the best 4 attendees, or Web application Attack and Defense and Malware and Exploit Essentials, which were taught by NATO CCDCOE.

 
