Hello, I'm

Leonardo Costa

MSc Cybersecurity Graduate

Computer Engineering background, offensive security mindset. I love breaking down complex networks and systems to solve intricate security challenges.

Get in touch Download CV
Portrait of Leonardo Costa

01 About

I'm a cybersecurity graduate with a Computer Engineering background and an offensive security mindset. I'm passionate about analyzing complex networks and systems to solve intricate security challenges.

Whether I'm dissecting web application logic in a CTF, teaching students about web security, or building secure software, I bring an analytical, security-first approach to everything I do.

02 Experience

  1. CTF Player

    Jun 2023 – Present

    pwnlentoni team ↗

    • Cultivated an offensive mindset through hands-on vulnerability analysis.
    • Exploited web vulnerabilities by dissecting core application logic.
    • Collaborated with a team to solve complex security flaws under time pressure.

  2. Web Security Instructor

    Jan 2024 – Jul 2024

    University of Padua · CyberChallenge project ↗

    • Instructed students on web vulnerabilities and how to mitigate them.
    • Simplified complex web security concepts into clear, teachable material.
    • Helped students build an analytical, security-first mindset.

  3. Junior Web Developer · Internship

    Sep 2022 – Dec 2022

    Sync Lab S.r.l ↗ · Padua

    • Built secure user authentication with the Spring framework.
    • Designed robust access controls for the web application.
    • Applied security principles to write safe, reliable code.

03 Skills

Security & Offensive

  • Web Security
  • Cybersecurity Fundamentals
  • Vulnerability Analysis
  • CTF / Offensive Security

Engineering & Networks

  • Computer Engineering Principles
  • Network Architecture & Protocols
  • Web Technologies
  • Spring Framework
  • Data Analysis

Languages

  • English (C1)
  • Italian (Native)

Soft Skills

  • Analytical Problem-SolvingI break complex problems into clear, solvable pieces.
  • Teaching & CommunicationI simplify complex security concepts for any audience.
  • TeamworkI thrive collaborating to crack hard challenges together.
  • CuriosityI'm always probing how systems break, and how to make them safer.

04 Projects

JWT Vulnerability Testing Framework

A Playwright-based framework I built for my MSc thesis that automatically discovers JWT tokens in web applications through intelligent crawling, then runs multiple attack vectors (including key and algorithm confusion) to assess and score each token's vulnerability.

  • Python
  • Playwright
  • JWT
  • Docker
View project →

cornCTF 2025 · Challenge Author

An international Capture The Flag competition organized by my team, pwnlentoni. I authored challenges for the event, designing exploitable scenarios and writing the official solution write-ups and solve scripts.

  • CTF
  • Misc
  • AI
  • Python
View project →

CyberChallenge.IT 2023

Italy's national cybersecurity training program for students. I completed the offensive-security training track at the University of Padua, placed 4th in the local competition, and was selected for the UniPD team to represent the university at the national finals.

  • Offensive Security
  • CTF
  • Cybersecurity
Learn more →

05 Education

  1. Master's Degree, Cybersecurity

    Oct 2023 – Apr 2026

    University of Padua · Italy

    Grade 110/110

    A two-year, fully English-taught programme on the design, development and evaluation of secure systems, spanning cryptography, network and information security, machine learning and privacy for modern ICT systems.

    • Cryptography
    • Network Security
    • Information Security
    • Machine Learning
    View diploma ↗

  2. Erasmus+, Computer Science

    Jan 2025 – May 2025

    University of Helsinki · Finland

    An exchange semester at Finland's leading computer science department, with coursework focused on deep learning, web application development and web security.

    • Deep Learning
    • Web Development
    • Web Security

  3. Bachelor's Degree, Computer Engineering

    Oct 2019 – Mar 2023

    University of Padua · Italy

    Grade 93/110

    Broad-spectrum engineering training across computer science, electronics, networks and automation, building strong foundations in programming, computer architecture and information systems.

    • Programming
    • Computer Architecture
    • Networks
    • Databases
    View diploma ↗

  4. Technical Institute Diploma, Informatics

    2014 – 2019

    ITI Francesco Severi · Padua, Italy

    Grade 88/100

    Technical secondary diploma in Information Technology and Telecommunications, covering software development, databases, networks and systems through hands-on lab work on Windows and Linux.

    • Programming
    • Databases
    • Networking
    • Web Development

06 Voluntary Work

AGESCI Scouts

Member & Volunteer · 2009 – Present

Active member of AGESCI, Italy's Catholic scouting association, from 2009 to 2021, taking part in community service, outdoor expeditions and team projects that built lasting teamwork, responsibility and leadership. I still support the group today by cooking for the scouts during their camps.

Italian Red Cross

Volunteer · 2018 – 2022

Volunteered for four years across two main areas: peer education for young people on important topics such as sexual health and the Red Cross's humanitarian values; and psychosocial support, completing training on how to assist and care for vulnerable people.

07 Capture The Flag

I play CTF with pwnlentoni

Capture The Flag is where I sharpen my offensive security skills, solving challenges across web, crypto, reversing and pwn. I love dissecting application logic to find and exploit vulnerabilities, working with my team against the clock.

Team website ↗ CTFtime profile ↗

08 Get in touch

I'm always open to discussing cybersecurity roles, collaborations, or interesting security challenges. Feel free to reach out.

leonardocosta330@protonmail.com