I am an Information Systems Engineering student at Universidad Peruana de Ciencias Aplicadas (UPC), currently focused on Cybersecurity, with a stronger specialization in Web Pentesting, Offensive Security, Application Security, vulnerability analysis, and CTF competitions.
I am currently working at Fluid Attacks, where I continue strengthening my offensive security mindset and practical skills around real-world vulnerability assessment, secure development, and application security.
My current path is mainly oriented toward Web Application Security, understanding how modern applications break, how vulnerabilities are discovered, and how secure systems can be built from a deeper technical perspective.
I actively train through Hack The Box, TryHackMe, CTFs, security labs, vulnerability research, and personal writeups. I enjoy documenting what I learn, building tools, solving realistic exploitation scenarios, and improving every day as a security professional.
- Main focus: Web Pentesting, AppSec, Offensive Security, CTFs and Vulnerability Research.
- Currently working at: Fluid Attacks.
- Currently learning:
- Advanced Web Exploitation
- OWASP Top 10 in real-world scenarios
- Authentication and authorization vulnerabilities
- API Security
- Active Directory attacks and defenses
- Cloud security fundamentals
- Secure code review basics
- Hands-on practice:
- Web vulnerability analysis
- CTFs and cybersecurity competitions
- Hack The Box and TryHackMe labs
- Linux privilege escalation
- Python and Bash scripting for automation
- Security writeups and technical documentation
- I’m open to collaborating on:
- Cybersecurity projects
- Open source security tools
- CTF writeups and labs
- Web security and AppSec initiatives
- Secure coding projects
- Ask me about: Web Pentesting, CTFs, cybersecurity labs, Python scripting, Linux, AppSec, dashboards, or anything tech-related.
- Outside of tech, I enjoy 🎶 listening to music, 🏀 playing basketball, and 🏋️ training at the gym.
- 📫 Reach out to me at: iam_alvarez_orellana@hotmail.com
whoami
Web Pentesting enthusiast | Offensive Security learner | CTF player | AppSec explorer
current_status
Working at Fluid Attacks | Focused on Web Application Security
main_fields
Web Pentesting | AppSec | Offensive Security | CTFs | Linux | API Security | Cloud Security
mindset
🧠 “Break it. Understand it. Report it. Secure it.”






