Oliver Lyak

Offensive Expert at Kalmarunionen

Copenhagen, Capital Region of Denmark
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Oliver Lyak is an offensive security expert and researcher based in Copenhagen with six years of hands-on experience in adversarial testing, red teaming, and tooling for Windows AD environments. Currently at IFCR and contributing to ENISA's Team Europe initiative, he brings practical experience from CTF competition and open-source work to informed threat emulation. Notably, his contributions to the Certipy project include implementing PKINIT-related authentication and certificate management features that enable Active Directory Certificate Services enumeration and abuse. He combines deep protocol-level knowledge with pragmatic engineering—improving error handling, CA configuration retrieval, and security controls—to turn novel research into reliable offensive tooling.
code6 years of coding experience
bookGymnasium, English Language and Social Sciences, Gymnasium, English Language and Social Sciences at Ørestad Gymnasium
languagesGerman, English, Danish
github-logo-circle

Github Skills (8)

it-security10
ldap10
certificate10
active-directory10
cert10
python10
cryptography10
security10

Programming languages (6)

TypeScriptC++CJavaScriptRubyPython

Github contributions (5)

github-logo-circle
ly4k/Certipy

Oct 2021 - Dec 2022

Tool for Active Directory Certificate Services enumeration and abuse
Role in this project:
userSecurity Engineer
Contributions:22 releases, 66 commits, 40 PRs in 1 year 2 months
Contributions summary:Oliver primarily contributed to the `certipy` project, a tool for Active Directory Certificate Services enumeration and abuse, by implementing and refactoring core authentication logic, error handling, and certificate management features. Their work involved understanding and implementing PKINIT, which retrieves a user's NT hash with a certificate. They also updated the project with features for CA configuration retrieval. The user's contributions also involved adding security measures.
sslpkiadcssecurityabuse
ly4k/PwnKit

Jan 2022 - Jun 2022

Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
Contributions:9 commits, 1 PR, 6 pushes in 4 months
self-containedsecuritycvelocal-privilege-escalationprivilege
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Oliver Lyak - Offensive Expert at Kalmarunionen