Asset designation: Sagar Biswas — alias Sagar MultiHAT. Computer Science operative embedded at AIUB, Bangladesh. Reckoning in web application exploitation, penetration testing, and offensive security research.
It started with curiosity; how do systems pwn? Gathering infos by passive recon. I focus on understanding the ”what” and ”why” while delegating the ”how” to AI tools, with line-by-line understanding. I began turning those questions into practical research. Every vulnerability I discovered became a part of that exploration.
“MultiHAT” isn't just a name; it embodies my emotions and dreams. It represents the philosophy of understanding multiple perspectives: the attacker’s mindset (BlackHAT thinking), the defender's discipline (WhiteHAT ethics), and the researcher's curiosity (GreyHAT exploration). Mastering all three is the only path to true cybersecurity awareness.
Behind the dark hacker aesthetic lies a single purpose: cybersecurity awareness. Every threatening line of text, every glitch effect, every red glow is designed to make people feel what a real cyber threat feels like; so they take their digital safety seriously. This portfolio is a weapon of education, not exploitation.
Mindset
If I had Aladdin's lamp and it granted me only one wish, I would ask for all the knowledge in the universe — from the beginning until the present — to exist inside my mind. Not for power or fame, but because the deeper I learn, the more disturbing the truth becomes: the more I learn, the more I realize how much I still do not know.
knowledge → money → powerComputer Science & Engineering student. Building a foundation in algorithms, data structures, databases, networking, and software engineering; with a security-first mindset.
Contributing to cybersecurity awareness workshops, real-world & open-source projects, and knowledge-sharing sessions. Building a community of security-conscious developers.
Practicing ethical penetration testing: XSS, SQL injection, CSRF, SSRF. Tools: Burp Suite, OWASP ZAP, Metasploit, Wireshark, Nmap.
Launched this threat-actor-themed portfolio as a cybersecurity awareness project. Blog transmissions, research notebooks, and educational resources; all weaponized for awareness.
A philosophy. A training protocol. A mindset.
Understanding the attacker's perspective. Knowing how exploits work, how systems fail, and where the gaps are. You can't defend what you don't understand.
Every technique learned is used for defense. Responsible disclosure, authorized testing, and building resilient systems. Ethics are non-negotiable.
The space between. Researching edge cases, exploring unconventional techniques, and pushing boundaries; always within legal and ethical limits.