Work
- Independent practice — penetration testing, red team, advisory.
- AI red team — agentic systems, tool-calling chains, the processes around them.
- OSINT & OPSEC — attribution, due diligence, privacy hardening. Licensed for detective work under Polish law.
- Research, disclosures, building public output under bersec.me.
Research & output
- Coordinated disclosures — most recent CVE-2026-41496 , more pending.
- Building osint.bersec.me — public OSINT tooling.
- Filling out notes.bersec.me — PortSwigger lab notes.
- Write-ups on blog.bersec.me .
Learning
- OSAI — currently sitting.
- OSWE — next.
- OSCE³ — end goal (OSEP + OSWE + OSED).
Off-duty
- Shooting (also as an instructor), drones, training.