Initializing Portfolio
Leona Kokerai
Full-Stack Software Engineer & Cybersecurity Engineer · 2026
Available for work · Open to relocation
Full-Stack Software Engineer · Cybersecurity Engineer

Leona
Kokerai

Full-Stack Software Engineer Cybersecurity Engineer DevSecOps Jr. Penetration Tester DFIR Analyst
View Projects Get In Touch
Top 3%
TryHackMe Global
8.91
CGPA ·
Upper 1st Class
12+
Vulnerabilities Found
(Live)
Portrait of Leona Kokerai

Leona Kokerai

Find me before they find you.

🇬🇧 English🇿🇦 Afrikaans 🇩🇪 German🇿🇼 Ndebele 🇿🇼 Shona🇿🇦 sePedi
TryHackMe · Top 3%
8.91 CGPA · First Class
LPU · Top 1% in Cohort
scroll
Full-Stack Software EngineerCybersecurity Penetration TestingDevSecOps DFIRTop 1% LPU Cyber Security Cohort Find Me Before They Find You2026 Leona KokeraiCybersecurity Penetration TestingDevSecOps DFIRTop 3% TryHackMe Find Me Before They Find You2026
About Me

Zimbabwean, raised across southern Africa and India, fluent in six languages. I bring rare technical depth combined with cross-cultural communication and an uncompromising drive to grow.

I didn't just learn cybersecurity in a classroom. I ran a real black-box penetration test on a live production system, uncovered 12 critical vulnerabilities, and delivered a professional pentest report with remediation adopted by the client. I built and secured AWS infrastructure handling 1000+ concurrent users.

Degree
BSc Hons CS – Cyber Security (First Class)
Cohort Rank
Top 1% – Cybersecurity Cohort
TryHackMe
Top 3% Global
Nationality
Zimbabwean · Open to Relocation
GitHub
github.com/leeownuh
Portfolio Live
leeownuh.github.io
Technical Expertise

The Stack Behind
the Shield

Penetration Testing

Burp SuiteMetasploitNmapNiktoGobusterSQLMapOWASP Top 10DAST/SAST

SOC & Threat Detection

SplunkSIEMLog AnalysisIncident ResponseMITRE ATT&CKThreat DetectionNIST CSF

Digital Forensics (DFIR)

AutopsyVolatilityMagic NumbersSteghideMemory AnalysisIR Planning

Programming & Scripting

PythonBashC/C++PowerShellPHP (Laravel)JavaScriptAssembly

Cloud & Infrastructure

AWSDockerLinux AdminWindows SystemsCisco Packet TracerWiresharkGitHub CI/CD

GRC & Compliance

ISO 27001PCI DSSHIPAANIST 800-53NIST 800-115GDPRSOC 2
Work History

Where I've Left
My Mark

2024 – Present
Full-Stack Engineer & Cybersecurity Engineer
The African Apostolic Church GBEAAA · Volunteer
  • Developing full-stack React/Node.js organisation management platform
  • Designed NIST CSF-aligned incident response plan
  • Optimised AWS infrastructure for 1,000+ concurrent users
2024 – 2025
ICT Administrator & Penetration Tester
Eduflex Academy
  • Built entire school IT infrastructure (systems, network, software)
  • Conducted authorised black-box pentest - 12 critical vulnerabilities identified
  • Maintained secure digital records dashboard for 50+ users
  • Drove 35% revenue growth in 3 months via digital transformation
2023 – 2026
Cambridge A & O-Level CS Tutor
Sunshine Private Tutors
  • Tutored 20+ international students
  • Improved test pass rates by 15% over two years
  • Curriculum covering algorithms, programming & security fundamentals
2021 – 2023
Junior Web Developer
Oyannah Academy
  • Built and maintained PHP Laravel / MySQL web applications
  • Implemented secure authentication and access control
2021 – 2023
Lead Graphic Designer
Agri-Avenir
  • Designed digital campaigns reaching 10,000+ potential customers
Portfolio

Built. Broken.
Secured.

01 · SECURITY PRODUCT · PHP + AI
Ownuh SAIPS - Secure Authentication & Intrusion Prevention System
Full-stack PHP/MySQL security administration platform built to feel like a compact SOC product, not just a login demo. Combines MFA, password recovery, audit logging, IPS controls, incident tracking, AI executive reporting, HTML and PDF exports, live alert emails, and a recruiter-safe Demo vs Production flow for polished public walkthroughs.
Latest BuildPHPMySQLRedis ControlsMFAIPSAI ReportingHTML/PDF Export
02 · PENTEST · LIVE PRODUCTION SYSTEM
Eduflex Academy - Authorised Black Box Penetration Test
Authorised black-box pentest against a live Laravel/MySQL application serving 50+ active users. Zero prior knowledge. Identified 12 critical vulnerabilities across authentication, session management, and access control - posing direct risk to student and staff PII. Full professional report mapped to OWASP Top 10 and NIST SP 800-115. Remediation adopted by client.
Live Production12 Critical VulnerabilitiesBurp SuiteNmapSQLMapOWASP Top 10NIST 800-115
03 · FULL-STACK + CLOUD
GBEAAA Church - Secure Platform & AWS Infrastructure
Full-stack React/Node.js provincial management platform with NIST CSF-aligned incident response planning. AWS infrastructure optimised to handle 1,000+ concurrent users.
ReactNode.jsAWSNIST CSFIncident Response
04 · SECURITY TOOL · PYTHON
Ownuh SecurePass Analyzer
Password strength analysis tool evaluating credentials via complexity scoring and Shannon Entropy. Full CI/CD pipeline via GitHub Actions - auto-building binaries for Windows, macOS, and Linux.
PythonShannon EntropyTkinterPyInstallerGitHub ActionsCI/CD
05 · DFIR · PYTHON
File Type Identification System
Forensic tool identifying file types using magic number signatures, MIME types, and extensions - demonstrating core DFIR investigation techniques.
PythonMagic NumbersMIME TypesDFIR
06 · SECURITY RESEARCH · C++
Brute Force Attack Simulator
Multithreaded C++ brute-force simulator using pthreads to benchmark password-cracking attempts-per-second and analyse keyspace complexity - illustrating real attack surfaces for security training.
C++MultithreadingpthreadsPassword Security
07 · TRYHACKME · TOP 3% GLOBAL
TryHackMe - 5 Completed Learning Paths
Completed Pre-Security, Cyber Security 101, Jr. Penetration Tester, Web Fundamentals, and Web Application Pentesting. Ranked globally Top 3% from millions of practitioners worldwide.
Web App PentestingJr. Pentest PathSOC FundamentalsEnumeration
Writing

Research. Walkthroughs.
Field Notes.

Dive into how I think through risk, exploitation, and defense.

Open Blog Start a Conversation
0 posts live
Categories: Essays + Walkthroughs
Loading posts...
Credentials

Verified. Earned.
Proven.

Certified in Cybersecurity (CC)
ISC2
Google Cybersecurity Professional Certificate
Google · Coursera
Google IT Support Professional Certificate
Google · Coursera
IBM Cybersecurity Analyst
IBM · Coursera
Certified Digital Forensic Investigator
Quick Heal
Securing Computer Systems
Quick Heal
Cybersecurity Analyst Job Simulation
Tata · Forage
Introduction to Ethical Hacking
CompTIA
BSc Hons CS – Cyber Security
(CompTIA tie-up) A+, Network+, Linux+, Security+, Pentest+
Lovely Professional University · 2026
TryHackMe - 5 Completed Learning Paths
Jr. Pentest · Web App Pentesting · CS 101 · and more
Recognition

Why I Stand Out

🥇
Top 1% of the Cybersecurity cohort at Lovely Professional University
2023 – 2026
🎯
Ranked Top 3% globally on TryHackMe - millions of practitioners worldwide
2025
💡
12 critical vulnerabilities identified on a live production system - real pentest, not a simulation
2024 – 2025
🏆
Best Information Technology Student - Hoërskool Ben Viljoen
2020 – 2022
📈
35% revenue growth in 3 months at Eduflex Academy through digital transformation
2024
🌍
Grade 11 Sekhukhune District Top 100 · Academic Top 10%
2021
Contact

Let's Work Together

Actively seeking roles in Full-Stack Software Engineering, penetration testing, DFIR, and security engineering. Visa sponsorship required. Open to relocation worldwide.

leonakokerai@outlook.com