About

About Me 📝

I am a experienced Penetration Tester with a strong focus on web applications, APIs, and infrastructure security. Skilled in identifying and exploiting vulnerabilities across various sectors, including finance, telecom, and cloud environments. Passionate about continuous learning, offensive security research, and contributing to the cybersecurity community through certifications, public speaking, and CVE disclosures.

Name: Sérgio Charruadas 👨🏻
Alias: itzv3nom- 🧑🏻‍💻
Nationality: Portuguese 🇵🇹
Languages: Portuguese, English, Spanish 🌍
Location: Lisbon, Portugal 📍
Time Zone: Western European Time (WET) ⏰ Personal Interests: Finance, Web3, Crypto, Technology, Music 🗣️
Education: BA Hons Hospitality & Tourism Management 🎓
Occupation: Offensive Security Operator / Penetration Tester 🧑🏻‍💻

Talks and Presentations 🎤

HTB Lisbon: The Click - Unlocking the Hacker Mindset

📂 Presentation Slides:

🧩 Challenge Exercise:

Try It Now!

This talk introduces The Click – Unlocking the Hacker Mindset, exploring how to think like a hacker by stepping into the mindset of an attacker. It covers real-world penetration testing scenarios, showcasing vulnerabilities and security control bypass techniques through interactive exercises and live demonstrations.

Attendees gained hands-on experience in learning practical skills to approach cybersecurity with a fresh perspective. The session also highlights key insights from my career transition into cybersecurity, encouraging participants to develop their own hacker mindset.

Professional Experience 💼

• PwC Portugal, Lisbon, Portugal - Offensive Security Operator
• Altice/MEO, Lisbon, Portugal - Penetration Tester / Red Teamer
• UST, Birmingham, England - Intern Junior Penetration Tester

Certifications 📜

• GIAC
  • GSEC (Security Essentials Certification)
  • GFACT (Foundational Cybersecurity Technologies)
• HackTheBox
  • CBBH (Certified Bug Bounty Hunter)
• CompTIA
  • SY0-601 (Security+)
• The SecOps Group
  • CAPenX (Certified AppSex Pentesting eXpert)
  • CAPen (Certified AppSec Pentester)
  • CNPen (Certified Network Pentester)
• APISec University
  • ASCP (API Security Certified Professional)
  • CASA (Certified API Security Analyst)
• CyberWare Labs
  • CRTA (Certified Red Team Analyst)
  • MCRTA (Multi-Cloud Red Team Analyst)
• Amazon Web Services (AWS)
  • CLF-C02 (AWS Certified Cloud Practitioner)
• Security Blue Team
  • BTL1 (Blue Team Level 1)

Links 📝

LinkedIn

https://www.linkedin.com/in/sergio-charruadas/

HackTheBox

https://app.hackthebox.com/users/1175044

GitHub

https://github.com/itzvenom/