Marcin Ulikowski

Principal Security Researcher at Mimecast

Kuyavian-Pomeranian Voivodeship, Poland
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
Marcin Ulikowski is a Principal Security Researcher with over a decade of experience hardening applications and infrastructure for major enterprises across energy, communications, and finance. He blends deep threat-hunting, DFIR, and penetration-testing expertise with hands-on programming in Python, and operational deployment of detection tools like ClamAV and YARA. At Mimecast he leads research that turns into yearly AV signatures blocking millions of malicious emails and practical protections for large customers. Marcin is also an active open-source contributor—having significantly improved dnstwist’s homoglyph generation and added HTTP/SMTP banner grabbing to expose phishing and typo-squatting infrastructure. His background in CSIRT operations and network engineering gives him a rare ability to trace threats from protocol-level artifacts to strategic enterprise risk. Colocated in Kuyavian-Pomeranian Voivodeship, Poland, he pairs analytic rigor with a maker’s instinct for building pragmatic security tooling.
code11 years of coding experience
job7 years of employment as a software developer
github-logo-circle

Github Skills (3)

phishing10
python10
security10

Programming languages (4)

JavaCYARAPython

Github contributions (5)

github-logo-circle
elceef/dnstwist

Jun 2015 - Jan 2023

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Role in this project:
userBack-end Developer & Security Engineer
Contributions:31 releases, 502 commits, 63 PRs in 7 years 8 months
Contributions summary:Marcin primarily worked on improving the domain name permutation engine. Their contributions focused on fixing and improving the homoglyph generator, which is used to detect typo squatting and phishing attacks. They added multi-letter homoglyphs, fixed existing issues, and introduced functionalities for internationalized domains. Further contributions focused on adding new features, like the implementation of HTTP and SMTP banner grabbing, which are used to collect information about running services on the scanned domain names.
pythonphishingthreat-intelligenceosintdomains
elceef/subzuf

Nov 2022 - Jan 2023

a smart DNS response-guided subdomain fuzzer
Contributions:2 releases, 29 commits, 13 pushes in 1 month
dnsdomain-namesecurityfuzzingsubdomains
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Marcin Ulikowski - Principal Security Researcher at Mimecast