Dominik Czarnota is a Staff Security Engineer with 11 years of experience building and auditing secure systems, currently focused on security engagements at Trail of Bits. He combines deep hands-on skills in binary exploitation, reverse engineering and tooling—maintaining pwndbg and contributing to radare2, Manticore and Slither—with practical backend engineering in Python and C/C++. As captain of top-ranked CTF team justCatTheFish (4th worldwide in 2023), he continuously sharpens offensive techniques that inform his security assessments. His open-source work shows attention to detail and reliability: fixing subtle parsing, memory and string-comparison bugs, making detectors pluggable, and optimizing symbolic execution paths. Comfortable across application security, sandboxing (nsjail) and secret-search tooling, he bridges offensive research and production-grade fixes. Based in Poland, he pairs academic training from AGH with a knack for turning fuzzy security problems into reproducible, maintainable solutions.
11 years of coding experience
3 years of employment as a software developer
Master of Science (MSc) Applied Computer Science, Master of Science (MSc) Applied Computer Science at AGH University of Krakow
Exploit Development and Reverse Engineering with GDB & LLDB Made Easy
Role in this project:
Software Security Engineer
Contributions:15 releases, 1182 reviews, 295 commits in 5 years 6 months
Contributions summary:Dominik primarily focused on debugging, reverse engineering and developing security tools for exploit development. They fixed bugs in the `u` command, enhanced the `canary` command to display stack canary locations and added the nextret, stepsyscall, and nextproginstr commands which help analyze program flow for exploit development. The user improved the display of assembly code during debugging sessions, introduced a patch command, fixed the errno command to handle edge cases, and improved the `vmmap` command.
Contributions:1 release, 89 commits, 190 PRs in 1 year 9 months
Contributions summary:Dominik primarily focused on refactoring and improving the ARMv7 code within the Manticore symbolic execution tool. This involved code style consistency improvements, removal of dead imports, and adding comments. They also made changes related to x86 architecture execution speedup by caching AMD64RegFile.all_registers. Furthermore, the user addressed critical bugs, such as improving the accuracy of the "Unimplemented instruction" error reporting and fixing memory handling issues, indicating a focus on improving the tool's reliability and performance.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Dominik Czarnota - Staff Security Engineer at Trail of Bits