Hi there, I am Nikola. Thank you for visiting my webpage. My journey into the cyber security realm began with "malicious" intent. Back when Facebook was born, more then anything i wanted to "hack" my best friends account - (who didn't).
I am 26 years old now, happily married, father of a little girl, got my Master Degree in Computer Science, multiple Defensive/Offensive Cybersecurity certificates with proven track record in identifying vulnerabilities and developing effective strategies to safeguard against cyber threats in enterprise environments.
I enjoy fishing (not phishing, ok?), reading, writing and sleeping - pretty much anything i can do while sitting or laying down.
Education
University of Montenegro
MSc, Computer Science
Thesis: Development and implementation of a facial recognition intrusion detection system
University of Montenegro
BSc, Computer Science
Experience
Information Security Professional
Erste Bank
June. 2024 — Present
Threat Hunter
Government CIRT
Jan. 2023 — June 2024
Linux Engineer
3GProxy
Nov. 2022 — Jan. 2023
Skills / Vendors
- Skills:
- Linux (fedora/debian + downstreams(no alma), rhel)
- Ansible, Docker, Nginx
- x86_64, C, Python, Bash, Awk/Sed, Javascript(vanilla, node, express, sequelize), psql.
- Kali/Remnux +tooling in general (Burp Suite, metasploit, havoc, cobalt strike, nmap, volatility, gdb...)
- DFIR, Wireshark, EDR, SIEM, WAF, Proxy, DLP, PAM, ELK Stack, Wazuh, Security Onion.
- AD, AD CS, GPOs, Windows shenanigans in general, Power BI (started to love this fella even if I hated at first (prefered pandas) - in combination with api and some automation, I am able to get high level reports/charts/trends of anything that upper management demands..)
- Vendors:
- Trellix (HX, EDR, ePolicy Orchestrator, SIEM)
- Splunk Enterprise
- Proofpoint
- Qualys
- Fireeye Email Threat Protection
- Cisco Secure Web Appliance
- Radware WAF/LB
- F5 WAF/LB
- ForcePoint DLP, NGFW
- CloudFlare
CVEs
- CVE-2024-13867
- CVE-2025-X - Microsoft 365 Outlook/Exchange - In triage
Coding projects
GitHub - goodfella-afk/gwsProject: Intended usage of this toolkit is to be of a assistance in delivering custom phishing campaigns in enterprise environments.
Intended usage of this toolkit is to be of a assistance in delivering custom phishing campaigns in enterprise environments. - goodfella-afk/gwsProject
goodfella-afk
GitHub - goodfella-afk/semicolon: “A semicolon is used to connect closely related independent clauses in a sentence or to separate items in a complex list. It serves as a pause that is longer than a comma but shorter than a period, helping to clarify relationships between ideas.”
"A semicolon is used to connect closely related independent clauses in a sentence or to separate items in a complex list. It serves as a pause that is longer than a comma but shorter than a pe…
goodfella-afk
Certifications
Hack The Box Certified Penetration Testing Specialist (HTB CPTS) was issued by Hack The Box to Nikola Živković.
HTB CPTS holders will possess technical competency in the ethical hacking and penetration testing domains at an intermediate level. They will be able to spot security issues and identify avenues of exploitation that may not be immediately apparent from searching for CVEs or known exploit PoCs. They can also think outside the box, chain multiple vulnerabilities to showcase maximum impact, and actionably help organizations remediate vulnerabilities through commercial-grade pentesting reports.
Associate of ISC2 was issued by ISC2 to Nikola Zivkovic.
The Associate of ISC2 status allows an individual to demonstrate competence in the field by passing the rigorous CISSP exam, and work toward gaining the experience required to become CISSP certified. The vendor-neutral CISSP credential confirms technical knowledge and experience to design, engineer, implement, and manage the overall security posture of an organization.
CompTIA Security Analytics Professional – CSAP Stackable Certification was issued by CompTIA to Nikola Zivkovic.
Earners of the CompTIA Security Analytics Professional (CSAP) are security analytics professionals that have the ability to plan and carry out security measures to protect an organization’s computer networks and systems.
CompTIA CySA+ ce Certification was issued by CompTIA to Nikola Zivkovic.
Earners of the CompTIA Cybersecurity Analyst (CySA+) certification have the skills and knowledge to perform incident detection, prevention and response through continuous security monitoring. Includes analysis of indicators of malicious activity, threat hunting and threat intelligence concepts, appropriate tools and methods to manage, prioritize, and respond to attacks and vulnerabilities, performing incident response processes and understanding related reporting and communication concepts.
CompTIA Security+ ce Certification was issued by CompTIA to Nikola Zivkovic.
Earners of the CompTIA Security+ certification have the knowledge and skills necessary to perform core security functions required of any cybersecurity role. CompTIA Security+ professionals know how to identify and address potential threats, attacks and vulnerabilities and they have established techniques in risk management, risk mitigation, threat management and intrusion detection.
Ethical Hacker was issued by Cisco to Nikola Živković.
Cisco verifies the earner of this badge successfully completed the Ethical Hacker course. The holder of this student level credential has a broad understanding of the legal and compliance requirements and is proficient in the art of scoping, executing, reporting vulnerability assessments, and recommending mitigation strategies. The holder has completed up to 34 hands-on activities using Kali Linux, WebSploit, and other tools.
IEEE Publications
PGP Key:
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGNBGokMTcBDACtLXCyLpKNv+zblf1VkklJiAqQd/cHOcGJ2nbZSEg2OXfnb/K0
CqcKCUV6m4H2euxhklzRgR9LePiqBgzYWgcTb7H+qt3HXAdglNvWC813hPCw3PtM
IN9njKU5NaX4HBj5trvDuL3XwjKagkvscJ95DKx5fyqGymyz5Pt33zngHToRlutw
m99X70N16pQwClVupWLhhn2fTZZ0DxrkkI53uAsMAxgQRiB+/HPOfZTuVjSLIpNt
oShZYGus00lGGQrdXU9ycKOt0c0F3DN341RD2njXJj5t9Lp4/VAAviwNOswwFtvl
QDTwfIyZzYR81Uw+UjlM43zKGZLm3zkw+BLDY/juQb3iMqNGHlG0P0aHxhzM1NMp
CdeTIQrGncKOkKSFSvyveCwRWywJheB5du3ZNKJYO/Ik/RYhWlQ+fXHqtm9uzL2w
LKaEVv2krJBxSCS8emUpdTCW0L0ohphxqX4Fif8wKstMlEXH7cYcVVi/m/ncv3/w
aAqsq8+ZfOHJMMMAEQEAAbQoTmlrb2xhIFppdmtvdmljIDxpbmZvQG5pa29sYXpp
dmtvdmljLm1lPokBzgQTAQoAOBYhBJMrSjBGdz502HJoBgr88TyiE5N+BQJqJDE3
AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEAr88TyiE5N+JlsMAJQpRfzw
B3S0id8IqGeVNzKajkNniTo3Zg4cqLFke+IE14/tmdaKBTpXMPo86Tuz83TaPaVd
EsBNMhDqmkT5hRGTPCAiJ1CPIKpb7SEo+XqjHma8/CCXjPtumfA9jqrM/QJApgz4
qAMXwyj5YdtSUPMUwn6A15khYUCxXbpGWkmJGbJThG/h7J1uN+Y8oDa2QhRLjBtg
LA30WfoTNAvjUQvcGQmLJJouxTfNQG7v/oONw+mcI/HmMDJlWs2guyAW1WUyIlN5
Ip/XHXb5G1S48UAY7UXZwaHTsynHWr7Dj3DdEwofJ9rOWLaDREfAd/lyFo1QWGkk
Y+ldmsCOHfJPlfVsa0wRGX0m6vwzblZKuZ//rDs3GFc5x3MVfuINvM31W/E4mEIk
yokeTr9GX/2O+/fCsIiZ3CubRZcWUkJ8XZDiDQpNdFLfe1DgkdhDfun0Bqk5X8Sg
qOrefSTmG44sd2hCinU1l5hcIlcvcNxO6z7BSZj7Yj8uE9sJ4r/SF5ezCLkBjQRq
JDE3AQwAqYhn7YIqcsvUcXRXLPSwxu57F6N5jKU+vc6kONX1ubNGNbQ3A3sr0Kvl
aB1i6XblLxhnoR5tiu8VOkMugHxt3cfMxB4WXv4SQPUadUN5yOsuMXi/u3F74isN
aEfQ83ulAAUYMRBF0myHUHk5ZHLzMD6BpF3qIJ+8q6JO0yguSFbQ3f14XJkkZYGu
wm5SFFqlqHau5OZ9VRBNdU219drBhH8OZ1ULwAE3AVJuYRQnDKipBUTGGoA94xj4
LKwoXd3mDpkNAJIfA1Iwd61dnUcYhiB7PYzeQAn40oKg+COYb8XPhjdk7v5AIwMq
Cc3aq9D2m4FVo2qB0CZMh/iuVU/3pM8XfDx1ZWQ8uAqnWS8G3R13OKC88le1bvtl
wsyaD1FDz1WnlsVwQQMN/o30/MgIY3sbcjLg3ywdOsXveEDSSBkgXFuDQCzG6jTL
2odzU/A3tDSunB/uL3TpCusQ9j/z+GiWvtx4CykDnMAWkzrbjeMKen9RJgyftRSs
+vB9o3O3ABEBAAGJAbYEGAEKACAWIQSTK0owRnc+dNhyaAYK/PE8ohOTfgUCaiQx
NwIbDAAKCRAK/PE8ohOTfomrC/9fAV8sQiz/6X8eAylUi0shBRsF8Stghlg0akWQ
ioNr1C0oZiv2XFPgqNWItPRvj+32NaM3iEyZWYX6JHziTJr1cYbG1KCLKcr3fbk9
jb0gdS17QViKtz47RvD3dLEQF+CDKhb84aG6H+gt+OtG8u5Suo1cLAGC5dxETild
9gI+X5OdMZoBQpGadpmHTdwhAqJDbJFzrJ/zW7cwEbFCKno84QanBse9tLHnoEol
n+QDOg+fdIz1HR6w44PPgBa25YTwNuu4Yn56ldn/CnOr5pcPQ55+2ZgM4zsb3ngP
zdoUxadkgs7Ud84CGEOyuFm0NYyAwTduUWL4rtRvBD5HgHxadcvufF7cV+ayzVTM
31+ahm+2gFes0Au2p9WFYJFuillpyqQB3g7Te540aqCyvw9g1LgZid86/F7B2ozb
c2DMauNtE00/u8ZP98Jry3sy6S/443drE68Hi7s22IfbHOns2JK+JCvYcXHPmyBc
tHuxyRMTFCizFL1jJm34w1ASrNU=
=pqfz
-----END PGP PUBLIC KEY BLOCK-----