Kuba Gretzky

Software Engineer

email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
Kuba Gretzky is a software engineer from Poland with a decade of hands-on experience in C/C++ development, reverse engineering, and information security. He is an active open-source contributor and security engineer, best known for significant backend work on the widely used Evilginx phishing framework and enhancements to Bettercap caplets. His contributions span core proxy/http handling, session capture hardening, automation features like IP whitelisting, and creative caplets that manipulate HTTP responses while bypassing browser caches. Comfortable operating at the intersection of offensive tooling and defensive thinking, he combines low-level protocol expertise with practical feature delivery. Colleagues can expect a pragmatic developer who documents his findings through blogging and brings a research-oriented mindset to applied security problems.
code10 years of coding experience
github-logo-circle

Github Skills (28)

json10
javascript10
python10
session-management10
web-application-security10
it-security10
http10
http-proxy10
security10
mitmproxy10
go10
nginx10
reverse-proxy9
ssl9
ss9

Programming languages (5)

PowerShellCJavaScriptGoPython

Github contributions (5)

github-logo-circle
kgretzky/evilginx

Mar 2017 - Jul 2018

PLEASE USE NEW VERSION: https://github.com/kgretzky/evilginx2
Role in this project:
userBack-end Developer & Security Engineer
Contributions:3 releases, 28 commits, 8 PRs in 1 year 4 months
Contributions summary:Kuba primarily contributed to the core functionality of the phishing tool, `evilginx`. Their work involved parsing and handling credentials, implementing token management, and integrating with various web services. The user also implemented and improved security features and configuration, including handling of SSL/TLS certificates and integration with Let's Encrypt. The user also focused on fixing bugs and releasing updates.
phishing-attacksphishing
kgretzky/evilginx2

Jul 2018 - Feb 2021

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Role in this project:
userBack-end Developer & Security Engineer
Contributions:8 releases, 1 review, 129 commits in 2 years 7 months
Contributions summary:Kuba released version 2.0.0 of the `evilginx2` framework, indicating a significant update to the project. Their commits focused on core functionality, specifically modifications to the `http_proxy.go` file, which is central to the man-in-the-middle attack framework. The user also made small fixes to session capturing and added a developer mode, and implemented new features such as automatic IP whitelisting, custom redirects, and further hardening of security.
2-factor-authenticationsecurityauthenticationfactorinfosec
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Kuba Gretzky - Software Engineer