I’m a cybersecurity specialist based in Poland 🇵🇱 with over 5 years of hands-on experience across offensive and defensive security. I’m currently working at Securitum as a Penetration Tester, where I perform a wide range of security assessments for external clients — covering infrastructure, web applications, cloud environments, Active Directory, and various emerging technologies.

Previously, I worked as an Infrastructure Penetration Tester and Red Team Operator at Tenendo, contributing to adversary simulations and purple team initiatives designed to uncover critical weaknesses before real attackers could exploit them.

Before that, I gained strong defensive expertise at WithSecure as an Associate Threat Hunter, providing 24/7 monitoring, incident response, detection engineering, and forensic analysis across large-scale enterprise environments.

I also spent nearly two years as a Penetration Tester at Eurofins, specializing in deep-dive infrastructure and Active Directory assessments — frequently identifying privilege escalation paths, RCE chains, and full-domain compromise scenarios. I worked directly with clients to guide remediation and strengthen their security posture.

Earlier in my career, I contributed to both internal and external security projects as an Ethical Hacker at CYBEROO, collaborating with red and blue teams, mentoring interns, and supporting high-impact investigations.

Even before entering the industry professionally, I was focused on practical learning: building vulnerable labs, solving Hack The Box machines, exploring bug bounties, studying offensive tooling, and maintaining a detailed personal knowledge base. That foundation still drives how I approach security today.

Outside of work, I’m constantly exploring new offensive techniques, developing custom tooling, and participating in the cybersecurity community. Whether it’s maldev, AV/EDR evasion, TTP research, or improving threat simulation.

I believe that rigorous testing and adversarial thinking are essential to building resilient systems. If you’re passionate about cybersecurity, always looking to break things for the better, or just want to chat about obscure TTPs and purple teaming - let’s connect!

Skills & Interests ⚔️

• Penetration Testing
• RedTeam Operations & Adversary Simulation
• Threat Hunting & Incident Response
• System Administration
• Security Automation & Tool Development

GitHub projects 🛠️

• mssql-relay-lab — A tool for MSSQL relaying to SMB.
• lurked — A proof-of-concept stealthy agent leveraging QEMU virtualization and a Linux rootkit for process hiding.
• PAMinant — A PAM backdoor toolkit designed for access persistence on Linux systems.
• BOF-Skeletons - A collection of buffer overflow exploits and vulnerable apps I used to prepare for cybersecurity certifications.

Certifications 🎓

• OffSec Certified Professional (OSCP)
• Red Team Operator (CRTO)
• Certified Red Team Expert (CRTE)
• Certified CyberDefender (CCD)
• Certified Enterprise Security Professional (CESP - ADCS)
• Certified Azure Red Team Professional (CARTE)
• eLearnSecurity Certified Professional Penetration Tester (eCPPT)
• Practical Network Penetration Tester (PNPT)
• eLearnSecurity Junior Penetration Tester (eJPT)
• Certified Red Team Professional (CRTP)

Courses & labs 🧪

• Linux Privilege Escalation for OSCP & Beyond!
• Windows Privilege Escalation for OSCP & Beyond!
• Introduction to Cyber Security Learning Path
• Attacking Active Directory with Linux Lab
• Wreath Lab
• ADVersary Lab
• Practical Ethical Hacking - The Complete Course
• Windows Privilege Escalation for Beginners
• Linux Privilege Escalation for Beginners
• Open-Source Intelligence (OSINT) Fundamentals
• External Pentest Playbook
• Practical Web Application Security and Testing

and others.

Platforms 💻

HackTheBox:

• hensitskyi
• innxrmxst

TryHackMe:

• innxrmxst

---

Let’s work together

• https://hensitskyi.com/