My name is Wojciech and I am an experienced Systems Engineer, Pentester, Security Analyst and OSINT researcher. During my professional career as a cyber security expert, I provided analysis for companies across Europe.
I took part in many projects for big corporations as well as startups. I have made lot of open source project for OSINT community
I am also seeking any kind of cooperation full/part time employment or freelance.
Tools
Kamerka - 1,1k stars (Archived)
Kamerka GUI
LeakLooker - 980 stars
LeakLooker X GUI
Danger Zone - 600 stars
You can find all repositories on my Github page.
During my cyber security research I helped a lot of companies regarding data leaks or vulnerabilities following responsible disclosures.
Media coverage
Helped with gathering open source information for "Hot Money" podcast by FT.
![](https://www.ft.com/__origami/service/image/v2/images/raw/https%3A%2F%2Fd1e00ek4ebabms.cloudfront.net%2Fproduction%2F753e72a2-32e0-4070-8f34-1f54c32e9f0a.jpg?source=next-opengraph&fit=scale-down&width=900)
Helped with gathering open source information for "Porno" magazine for Dossier
![](https://www.dossier.at/fileadmin/_processed_/8/9/csm_wgcz_6b3cfd94bf.jpg)
Other
![](https://video-images.vice.com/articles/5be0814cfaa45a0006b828fe/lede/1541440335456-shutterstock_769627117.jpeg?crop=1xw:0.84375xh;center,center&resize=1200:*)
![](http://i.nextmedia.com.au/News/data%20breach.png)
![](https://zdnet2.cbsistatic.com/hub/i/r/2019/11/05/56e7e4bb-93ba-4fe3-ae4e-d5c6fe480b99/thumbnail/770x578/8b70d60215d29615958f3d8268ae37bd/kamerka-1.jpg)
![](https://www.securityweek.com/sites/default/files/imagecache/auth_story/pictures/picture-106.jpg)
Conferences
- Industrial Control Systems (ICS) Cyber Security Conference, Atlanta, Georgia, United States - Intelligence Gathering on U.S. Critical Infrastructure
Intelligence Gathering on U.S. Critical Infrastructure
- x33fcon 2020 - Hack the Planet with Kamerka (Only invitation - I didn't participate in online event)
https://www.x33fcon.com/#!s/wojciech.md
![](https://www.offensiveosint.io/content/images/2020/04/1_j__cXpsoUJpvXpvuYSNDhA.jpeg)
Intelligence gathering on critical infrastructure In Southeast Asia.
![](https://www.offensiveosint.io/content/images/2020/04/guo.jpg)
Other
- Followed responsible disclosure to report government leak to Australian Cyber Security Center, affected companies: Australian Electoral Commission, AMP Limited, Australian Department of Finance, National Disability Insurance Scheme Australia, Rabobank and UGL Limited. Full story below
![](https://www.offensiveosint.io/content/images/2020/04/1_nwKW0stc36WYQUUyVyjV7Q.jpeg)
- Cooperated with CERTs across the world regarding safety of ICS in critical infrastructure
![](https://www.offensiveosint.io/content/images/2020/04/mq.jpeg)
![](https://www.offensiveosint.io/content/images/2020/04/guo.jpg)
- Reported PII leaks to many organizations - for example, FraudWrangler 13 millions of orders contain blurred credit card data and personal information.
![](https://www.offensiveosint.io/content/images/2020/04/ll3.jpg)
![](https://www.offensiveosint.io/content/images/2020/04/sink.jpg)
- Closed and reported child abuse distribution network to law enforcement agency.
![](https://www.offensiveosint.io/content/images/2020/04/unspl.jpg)
![](https://www.offensiveosint.io/content/images/2020/10/alexandre-debieve-lfRtv4WPmzM-unsplash.jpg)
- Wrote article about election related misinformation for one of the biggest security portal in Poland
Jak analizować akcje dezinformacji na przykładzie użytkowników portalu Wykop.pl
- Identified, investigated and reported leak related to APT campaign, which used China Chooper, attacking Royal Malaysia Police, Ministry of Foreign Affairs of the Republic of Indonesia and Malaysian Anti-Corruption Commission.
It looks like webmails of Ministry of Foreign Affairs of the Republic of Indonesia @kemlu_ri Royal Malaysia Police and Malaysian Anti-Corruption Commission @sprmmalaysia have been compromised. #leaks #threatintel #infosec #breach #ThreatHunting pic.twitter.com/PcR9bmAO9f
— Wojciech (@the_wojciech) May 10, 2020
NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems.
![](https://us-cert.cisa.gov/sites/default/files/cert/flag.png)
Shodan,[2] Kamerka [3], are creating a “perfect storm” of 1) easy access to unsecured assets, 2) use of common, open-source information about devices, and 3) an extensive list of exploits deployable via common exploit frameworks [4] (e.g., Metasploit,[5] Core Impact,[6] and Immunity Canvas [7])
Social Media/Platforms
![](https://miro.medium.com/max/2400/1*DrL5pnGMC8Nt1QB00S3Nuw.jpeg)
![](https://profile-photos.hackerone-user-content.com/variants/000/152/678/6d10e8c1fb6967eb4c9e53b889de2b3f0e8a1632_original.jpg/cf1e4b5d44005cb61fab358dd6968415f20545de5f055ba4ed33ca4387948cdc)
![](https://profiles.bugcrowdusercontent.com/avatars/9c8c3c20976adbc398d5366a0cd2f817/7-3CM-13-2CM-Cute-Panda-Hello-Thought-Bubble-Cartoon-Vinyl-Car-Decals-Car-Stickers-Car.jpg_640x640.jpg)
Contact via Twitter or email bS53b2pjaWVjaEBwcm90b25tYWlsLmNo (base64 encoded)