Sergey Grishuk | Principal Security Researcher & Engineer

Specializing in threat analysis and custom security automation.

View My Work Get In Touch

Areas of Expertise

Vulnerability Assessments & Penetration Testing

I find and prioritize critical weaknesses in your web applications, APIs, and networks, providing a clear, actionable report to fix them before an attacker can exploit them.

Custom Security Automation

I build reliable tools to automate your repetitive security tasks, freeing up your team's time and ensuring consistent, error-free operations.

Security Architecture & Strategy

Expertise in designing secure systems, planning incident response, and navigating compliance challenges to build effective and resilient defenses.

Threat Intelligence & Research

Conducting targeted research on new threats and proprietary applications to provide critical intelligence and a defensive advantage.

Posts

A Deep Dive into Website Protection with fail2ban, Nginx, and ModSecurity

Enterprise security doesn't have to come with a six-figure price tag. This practical guide shows you how to build a formidable defense for your website using powerful, free, and open-source tools. Learn to configure fail2ban, Nginx, and ModSecurity to protect against real-world attacks.

DDoS Firewall WAF open-source fail2ban nginx ModSecurity Linux Server Hardening Web Security

Beyond Cookies: Are You Aware of How Much Data Your Website is Really Collecting?

Discover how cookieless tracking and browser fingerprinting create hidden business risks. Learn about GPU, CPU, and WebRTC data collection and how to protect your site.

Web JavaScript fingerprinting data collection privacy

Case Studies

Dark Scan

Problem: Standard security audits often require complex, manual setups to ensure scans are anonymous, making them slow and difficult to automate in a modern development pipeline.

Solution: I engineered Dark Scan, a zero-configuration scanner that automatically routes all activity through the Tor network. This provides robust anonymity out of the box.

Result: The tool enables businesses to easily and safely integrate anonymized security scanning into their automated workflows, improving security posture without sacrificing speed or simplicity.

Python OSINT Tor Penetration Testing

Get In Touch

I'm always open to connecting with other professionals in the field. Feel free to reach out.

sergey@grishuk.co.il