Asset designation: Sagar Biswas — alias Sagar MultiHAT. Computer Science operative embedded at AIUB, Bangladesh. Reckoning in web application exploitation, penetration testing, and offensive security research.
It started with curiosity; how do systems pwn? Gathering infos by passive recon. I focus on understanding the ”what” and ”why” while delegating the ”how” to AI tools, with line-by-line understanding. I began turning those questions into practical research. Every vulnerability I discovered became a part of that exploration.
“MultiHAT” isn't just a name; it embodies my emotions and dreams. It represents the philosophy of understanding multiple perspectives: the attacker’s mindset (BlackHAT thinking), the defender's discipline (WhiteHAT ethics), and the researcher's curiosity (GreyHAT exploration). Mastering all three is the only path to true cybersecurity awareness.
Behind the dark hacker aesthetic lies a single purpose: cybersecurity awareness. Every threatening line of text, every glitch effect, every red glow is designed to make people feel what a real cyber threat feels like; so they take their digital safety seriously. This portfolio is a weapon of education, not exploitation.
No operator is invulnerable. These are the behavior gaps I actively monitor and harden.
Risk Surface
I don't enjoy reading slides and simply regurgitating the content for exams. I prefer learning through hands-on experience, practice, and deep engagement. This approach can be a weakness when it comes to theoretical subjects or exams that require memorization.
When I commit to a particular task, I find it difficult to concentrate on anything else until I've finished it. Currently, I'm focused on cybersecurity (both offense and defense), development, technology, and curiosity. As a result, I often struggle to balance my studies and other responsibilities, and I frequently neglect my academic work because of my obsession with cybersecurity and development.
My biggest weakness is my perfectionism. I often spend too much time trying to make everything perfect, which can slow down my progress..
Computer Science & Engineering student. Building a foundation in algorithms, data structures, databases, networking, and software engineering; with a security-first mindset.
Contributing to cybersecurity awareness workshops, real-world & open-source projects, and knowledge-sharing sessions. Building a community of security-conscious developers.
Practicing ethical penetration testing: XSS, SQL injection, CSRF, SSRF. Tools: Burp Suite, OWASP ZAP, Metasploit, Wireshark, Nmap.
Launched this threat-actor-themed portfolio as a cybersecurity awareness project. Blog transmissions, research notebooks, and educational resources; all weaponized for awareness.
Classified personnel file. Handle with caution.
A philosophy. A training protocol. A mindset.
Understanding the attacker's perspective. Knowing how exploits work, how systems fail, and where the gaps are. You can't defend what you don't understand.
Every technique learned is used for defense. Responsible disclosure, authorized testing, and building resilient systems. Ethics are non-negotiable.
The space between. Researching edge cases, exploring unconventional techniques, and pushing boundaries; always within legal and ethical limits.