Kuba Gretzky is a software engineer from Poland with a decade of hands-on experience in C/C++ development, reverse engineering, and information security. He is an active open-source contributor and security engineer, best known for significant backend work on the widely used Evilginx phishing framework and enhancements to Bettercap caplets. His contributions span core proxy/http handling, session capture hardening, automation features like IP whitelisting, and creative caplets that manipulate HTTP responses while bypassing browser caches. Comfortable operating at the intersection of offensive tooling and defensive thinking, he combines low-level protocol expertise with practical feature delivery. Colleagues can expect a pragmatic developer who documents his findings through blogging and brings a research-oriented mindset to applied security problems.
PLEASE USE NEW VERSION: https://github.com/kgretzky/evilginx2
Role in this project:
Back-end Developer & Security Engineer
Contributions:3 releases, 28 commits, 8 PRs in 1 year 4 months
Contributions summary:Kuba primarily contributed to the core functionality of the phishing tool, `evilginx`. Their work involved parsing and handling credentials, implementing token management, and integrating with various web services. The user also implemented and improved security features and configuration, including handling of SSL/TLS certificates and integration with Let's Encrypt. The user also focused on fixing bugs and releasing updates.
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Role in this project:
Back-end Developer & Security Engineer
Contributions:8 releases, 1 review, 129 commits in 2 years 7 months
Contributions summary:Kuba released version 2.0.0 of the `evilginx2` framework, indicating a significant update to the project. Their commits focused on core functionality, specifically modifications to the `http_proxy.go` file, which is central to the man-in-the-middle attack framework. The user also made small fixes to session capturing and added a developer mode, and implemented new features such as automatic IP whitelisting, custom redirects, and further hardening of security.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.