╔═══════════════════════════════════════════════════════════════╗
║ LEONA KOKERAI · CYBERSECURITY SPECIALIST · CLASS OF 2026 ║
║ "Find me before they find you." ║
╚═══════════════════════════════════════════════════════════════╝
$ cat leona.txt
Name : Leona Kokerai
Role : BSc (Hons) CS – Cyber Security | Lovely Professional University
Graduating : 2026
CGPA : 9.22 / 10 (First Class)
Cohort : Top 1% – Cybersecurity cohort, LPU
TryHackMe : Top 3% globally — out of millions of practitioners
Nationality: Zimbabwean | Open to relocation | Visa sponsorship required
Languages : English · Afrikaans · German · Ndebele · Shona · sePedi
Email : leonakokerai@outlook.com
Portfolio : https://leeownuh.github.io/cv-resume-portfolio/I'm not a typical cybersecurity student.
I ran a real black-box penetration test on a live production system — zero prior knowledge, 50+ active users at risk — and uncovered 12 critical vulnerabilities across authentication, session management, and access control. I documented every finding, mapped them to OWASP Top 10 and NIST SP 800-115, and delivered a professional report whose remediation recommendations were actually adopted by the client.
I built and secured AWS infrastructure handling 5,000+ concurrent users. I ranked Top 3% globally on TryHackMe. I have a First Class CGPA of 9.22/10. I hold certifications from ISC2, Google, IBM, Quick Heal, CompTIA, and Tata.
I'm a first-generation woman in STEM, fluent in six languages, raised across Zimbabwe, South Africa, and India. I bring technical depth, cross-cultural communication, and the kind of relentless drive that doesn't come from a textbook.
| # | Achievement | Year |
|---|---|---|
| 🥇 | Top 1% of Cybersecurity cohort — Lovely Professional University | 2023–2026 |
| 🎯 | Top 3% globally on TryHackMe — millions of practitioners | 2025 |
| 💡 | 12 critical vulnerabilities found on a live production system | 2024–2025 |
| 📈 | Drove 35% revenue growth in 3 months at Eduflex Academy via digital transformation | 2024 |
| 🏆 | Best Information Technology Student — Hoërskool Ben Viljoen | 2020–2022 |
| 📚 | Academic Top 10% — Hoërskool Ben Viljoen | 2018–2022 |
| 🌍 | Grade 11 Sekhukhune District Top 100 | 2021 |
Burp Suite · Metasploit · Nmap · Nikto · Gobuster · SQLMap
Hydra · OWASP Top 10 · DAST · SAST · Web App Pentesting
Network Pentesting · Vulnerability Assessment · Exploitation
Splunk · SIEM · Log Analysis · Threat Detection · Incident Response
MITRE ATT&CK · NIST CSF · NIST SP 800-53 · NIST SP 800-115
Autopsy · Volatility · File Magic Numbers · Steghide
Memory Analysis · IR Planning · Evidence Handling
Python · Bash · C/C++ · PowerShell · PHP (Laravel)
JavaScript · HTML · CSS · Assembly · Prolog · Delphi
AWS · Docker · Linux Administration · Windows Systems
Cisco Packet Tracer · Wireshark · GitHub CI/CD · RBAC
VPNs · Firewalls · IDS/IPS · Cloudflare
ISO 27001 · PCI DSS · HIPAA · GDPR · SOC 2
NIST SP 800-53 · NIST SP 800-115 · NIST CSF
The one that matters most.
Conducted an authorised black-box penetration test against a production Laravel/MySQL web application serving 50+ active users — simulating real-world adversarial conditions with zero prior system knowledge.
- Found and documented 12 critical vulnerabilities spanning authentication bypass, session fixation, privilege escalation, and SQLi
- Mapped all findings to OWASP Top 10 and NIST SP 800-115
- Delivered severity-ranked remediation report — adopted by the client
- Tools: Burp Suite · Nmap · SQLMap · Nikto · Metasploit · Gobuster
React · Node.js · AWS · NIST CSF
Developing a full-stack provincial management and communications platform. Architected AWS infrastructure capable of handling 5,000+ concurrent peak traffic loads with reliability and security by design. Tailored incident response plan aligned with NIST CSF guidelines.
Python · Tkinter · Matplotlib · PyInstaller · GitHub Actions CI/CD
Professional password auditing tool that evaluates credentials via complexity scoring and Shannon Entropy calculation. Built a complete CI/CD pipeline with GitHub Actions — auto-building and releasing Windows, macOS, and Linux binaries on every push.
Features: entropy graphs · pattern detection · smart suggestions · policy compliance checks · CSV bulk export · light/dark mode
Python · Magic Numbers · MIME Types
Forensic tool that identifies file types using magic number signatures, MIME types, and file extensions — demonstrating core techniques used in digital investigations and incident response.
C++ · Multithreading · pthreads
Educational multithreaded brute-force simulator using pthreads to benchmark password-cracking attempts-per-second and analyse keyspace complexity — illustrating real attack surfaces.
- Secure Web Application Assessment Demo — Interactive cybersecurity teaching platform with SQL injection demos, OWASP ZAP-style scanner simulation, OS forensics comparison, and pentest reporting framework. Built for a mock lecture.
- QuickPayMoney Transfer — Online currency converter (HTML · CSS · JavaScript)
- IoT Protocol Quiz — Interactive educational quiz on IoT protocols
- Progress Tracker — Documented cybersecurity learning journey
✅ Certified in Cybersecurity (CC) — ISC2
✅ Google Cybersecurity Professional Certificate — Google · Coursera
✅ Google IT Support Professional Certificate — Google · Coursera
✅ IBM Cybersecurity Analyst — IBM · Coursera
✅ Certified Digital Forensic Investigator — Quick Heal
✅ Securing Computer Systems — Quick Heal
✅ Cybersecurity Analyst Job Simulation — Tata · Forage
✅ Introduction to Ethical Hacking — CompTIA
✅ Jr. Penetration Tester Certificate — TryHackMe
✅ Web Application Pentesting Certificate — TryHackMe
✅ Web Fundamentals Certificate — TryHackMe
✅ Cyber Security 101 Certificate — TryHackMe
✅ Pre-Security Certificate — TryHackMe
🎓 BSc Hons CS – Cyber Security (CompTIA tie-up) — LPU · 2026
ICT Administrator & Penetration Tester | Eduflex Academy | 2024–2025
- Built entire school IT infrastructure (systems, network, software)
- Conducted authorised black-box pentest — 12 critical vulnerabilities identified
- Secure digital records dashboard for 50+ users
- Drove 35% revenue growth in 3 months via digital transformation
Full-Stack Engineer & Cybersecurity Specialist | GBEAAA Church | 2024–Present
- Developing React/Node.js provincial management platform
- NIST CSF-aligned incident response plan design
- AWS infrastructure optimised for 5,000+ concurrent users
Cambridge A & O-Level CS Tutor | Sunshine Private Tutors | 2023–2026
- Tutored 20+ international students
- Improved test pass rates by 15% over two years
Junior Web Developer | Oyannah Academy | 2021–2023
- PHP (Laravel) · MySQL · Secure authentication & access control
Lead Graphic Designer | Agri-Avenir | 2021–2023
- Digital campaigns reaching 10,000+ potential customers
Open to: SOC Analyst T1 · Jr. Penetration Tester · Cybersecurity Analyst
DFIR Analyst · Junior Security Engineer · Vulnerability Analyst
Visa sponsorship required · Open to global relocation
© 2026 Leona Kokerai · Find me before they find you.