Filip Holec
Filip is the project leader of the non-profit company TunaSec and organizes meetups of the Brno community. He founded the company ENGETO, where he works as a technical leader and product manager and focuses on the direction of the company. In the past, he worked as a tester at Red Hat on Linux distributions and obtained several Red Hat certificates.
He graduated from FIT VUT in Brno and spends his free time with self-education and organizing events and hackathons. Hacking is an important part of his life from various perspectives - for example in business, biohacking, IT security or physical security (lockpicking).
Martin Žember
Martin has been working in the field of IT security for more than 12 years and currently works as a contractor in the field of red teaming, penetration testing, vulnerability analysis, malware, physical systems security and, last but not least, programming. He enjoys participating in competitions in the Czech Republic and around the world. In the spring of 2019, he won the Conference Security hacking competition, which has a long tradition among conferences in the Czech Republic.
Martin is also a Red Hat Cerified Sysadmin and uses his knowledge of Linux in his daily life. He also taught Linux at Charles University. He regularly lectures at conferences on IT security - recently at Information Security meetups under the auspices of OWASP, but also at the DefCamp hacker conference in Bucharest.
In addition to IT security, he deals with physical security - opening locks (lockpicking). As part of the red team tasks, he often found himself in a secure area and proved his knowledge at the Czech Lockpicking Championship, where he placed himself in the Top 5 in the Czech Republic.
He is a lecturer of the Ethical Hacking course in the ENGETO Academy for Prague and Brno.
Petr Skyva
Petr is an expert in reverse engineering and forensic analysis of applications and binaries. He works at Cleverlance as a systems engineer specializing in cryptographic certificates, Apache Tomcat and Java. His work overlaps with DevOps, where he specializes in the Kubernetes technology. He also works as a consultant for smaller companies in the field of security.
He studied FIT VUT in Brno and is also a magic trick performer.
Ján Masarik
Ján Masarik specializes in web application security and often uses attack vectors such as SSRF and HTTP request smuggling. He was in charge of the security at Kiwi.com before joining the Facebook security team. Via bug bounty programs, he reported dozens of security vulnerabilities to other companies, and his diploma thesis on the automation of bug bounty systems at FI MUNI also received an award from the dean of the faculty.
Among other things, he is one of the leaders of the OWASP Czech Chapter and the organizer of OWASP conferences in Brno.
Kamil Vávra
@vavkamil is an Ethical Hacker & Application Security Engineer. With a wealth of knowledge gained from countless hours of research, he generously shares his findings with the community, contributing to a safer internet environment for us all. Kamil is also a seasoned bug bounty hunter and has dedicated much of his life to Offensive Web Application Security.
Kamil has been involved in ethical hacking since he was 15, when he first learned about XSS and SQL. Since then, he has reported weaknesses in the security of companies' systems around the world.
Timeline
We started meeting more intensively at the beginning of 2018, primarily to participate in the so-called CTF (Capture The Flag) events, where we compete with other teams to solve various non-trivial challenges in the field of IT Security.
We have participated in a number of conferences, have had lectures and since 2019, we have been organizing several events for IT security enthusiasts in Brno. Now we want to help people who do not have knowledge of IT security.
In 2019, we placed in the TOP 50 security teams in the world in the prestigious Google CTF competition.
Certifications
Our certifications cover different areas from system administration to offensive security. Namely, the RHCSA and RHCE certificates represent the system administration and OSCP demonstrates the practical knowledge of penetration testing, as well as Burp Suite Certified Practitioner.
People from the wider TunaSec community have other IT security certifications, such as CISSP, CEH, CISA.