About

Who Am I?

I’m Andrew Kapaldo, a cybersecurity enthusiast and CTF player based in West Virginia. I’m passionate about breaking things (ethically!) to understand how they work, and I document my learning journey through detailed writeups and security research.

Background

With a strong foundation in information technology and cybersecurity, I hold multiple industry certifications and continue to expand my knowledge through hands-on practice and continuous learning.

Certifications

(ISC)² CCSP - Certified Cloud Security Professional
(ISC)² SSCP - Systems Security Certified Practitioner
CompTIA Security+ (May 2021) - SY0-501
CompTIA Pentest+ - (January 2023) PT0-002
CompTIA Network+ (June 2022) - N10-008
CompTIA A+ (May 2021) - 220-1001/1002

Education

Currently Pursuing: MS in Business Cybersecurity Management (Expected 2026)
BS in Cybersecurity and Information Assurance - Focus on a wide range of cybersecurity topics and domains
AAS in Information Systems - Focus on system administration and networking
Certificate of Applied Science in Cyber Security - Specialized cybersecurity training

What I Do

CTF Competitions

I actively participate in Capture The Flag competitions to sharpen my technical skills and learn new attack techniques. My focus areas include:

🌐 Web Application Security - Finding and exploiting vulnerabilities in web apps
🔍 Digital Forensics - Analyzing memory dumps, disk images, and network traffic
🐞 Malware Analysis - Reverse engineering malicious software
🕵️ OSINT - Open source intelligence gathering and reconnaissance
🔐 Cryptography - Breaking ciphers and cryptographic implementations

Community Service

When I’m not solving CTF challenges, I volunteer with my local search and rescue team, helping find lost and missing children and adults in the Morgantown, WV area. I believe strongly in using technology and technical skills to make a positive impact on people’s lives.

Professional Work

I work in the technology field, applying security principles to help organizations protect their systems and data. My experience spans system administration, network security, and security analysis.

Current Projects

Tool Development

I develop custom Python scripts and tools to automate CTF tasks and improve my workflow. Some areas I’m exploring:

Automated reconnaissance and enumeration tools
Custom exploit development frameworks
CTF challenge solvers and automation scripts

Skills & Tools

Programming Languages

Python - Primary language for scripting and exploit development
PowerShell - Windows automation and security analysis
Bash - Linux system administration and scripting
HTML/CSS/JavaScript - Web development and understanding web vulnerabilities

Security Tools

Burp Suite - Web application testing
Wireshark - Network traffic analysis
Ghidra - Reverse engineering and malware analysis
Metasploit - Exploitation framework
Nmap - Network scanning and enumeration
SQLmap - Automated SQL injection testing
John the Ripper - Password cracking
Volatility - Memory forensics

Platforms

Kali Linux - Primary penetration testing OS
Windows/Windows Server - Enterprise environments
VMware ESXi - Virtualization and lab management

Learning Goals

I’m always working to expand my knowledge and skills. Current learning objectives include:

2026-2027 Goals

🎯 CISSP Certification - Pursuing the gold standard in security certifications
📚 Master’s Degree - Completing MS in Business Cybersecurity Management
🔒 OSCP - Offensive Security Certified Professional
🌐 Advanced Web AppSec - Deep diving into complex web vulnerabilities
🐛 Reverse Engineering - Advanced binary analysis and malware development understanding

Continuous Learning

Regular participation in CTF competitions (Huntress, Flare-On, HackTheBox)
Following the latest security research and vulnerability disclosures
Contributing to open-source security tools and projects
Building and maintaining realistic attack/defense scenarios in my home lab

Why This Site?

This site serves multiple purposes:

Documentation - Recording my CTF solutions and learning for future reference
Knowledge Sharing - Helping others learn from my approaches and mistakes
Portfolio - Demonstrating my technical skills and problem-solving abilities
Personal Growth - Writing about challenges forces deeper understanding

I believe in learning in public and sharing knowledge with the community. Every writeup represents hours of research, trial and error, and eventual success (or instructive failure). If my writeups help even one person learn something new or overcome a challenge, then the time spent documenting is worthwhile.

Get in Touch

I’m always happy to connect with fellow security enthusiasts, CTF players, and anyone interested in cybersecurity!

Connect With Me

💼 LinkedIn - Professional networking
💻 GitHub - Code and projects
🎯 HackTheBox - CTF profile (update with your profile ID)
🏆 TryHackMe - Learning platform (update with your username)

What I’m Interested In

CTF competitions and collaboration
Security tool development
Malware analysis and reverse engineering
Web application security research
Networking with other security professionals

Projects & Collaboration

I’m open to:

Collaborating on open-source security tools
Participating in team CTF competitions
Contributing to security research projects

Feel free to reach out via LinkedIn or GitHub. I try to respond to all messages, though it may take a few days depending on my schedule.

Site Information

This site is built using:

Jekyll - Static site generator
Minimal Mistakes - Clean, responsive theme
GitHub Pages - Free hosting
Custom automation - Syncing writeups from my private CTF repository

All writeups are my own work unless explicitly stated otherwise. I write these primarily for myself as learning documentation, but I share them publicly in the hope they might help others.