Incoming HvA · Software & Security
Siddharth Sehgal

Sidd Sehgal

Building products.
Breaking systems.

Passionate about software engineering and cybersecurity. building products, solving problems, and breaking things responsibly.

View workRead write-ups
LinkedInGitHubYouTube

2

Apps on App Store

17th

HTB NL Season 9

2

Security Certs

495th

picoCTF 2026

Building
  • HvA Computer ScienceIncoming student — Amsterdam
  • BreachLock InternshipSecurity automation & offensive security
  • Hack The Box Season 10Machines, write-ups, and skill depth

Selected work

Products & systems

Case studies from apps shipped to production and infrastructure I engineer.

Full portfolio

2025

TripCraft

AI-powered travel preparation

Founder

End-to-end iOS product that generates intelligent packing lists, travel journals, and utility tools for global travelers.

SwiftSwiftUIFirebaseHugging Face

Platform

iOS

AI Model

Mistral-7B

Status

Live

View project

2025

StudieBuddie

Student productivity reimagined

Founder

A study companion app with task management, reminders, and Zermelo API integration for automatic class schedule sync across Europe.

SwiftSwiftUIFirebaseZermelo API

Platform

iOS

Sync

Real-time

Status

Live

View project

2025

siddharthsehgal.com

Engineered personal brand

Designer

This site — a performance-first portfolio with SSG write-ups, structured data, OG generation, and a custom design system.

Next.jsTypeScriptTailwind v4Vercel OG

Framework

Next.js 15

Deploy

Vercel

Stack

React 19

View project

Offensive security

CTF & penetration testing

Documented exploitation paths for Hack The Box machines and bug bounty challenges. Structured write-ups with tags, difficulty, and static generation for performance.

HTB Season 8 & 9Security+eJPTpicoCTF 2026 #495PicoMini 2nd
All write-upsCTF track record

Editor

2025-08-04

A Linux machine involving XWiki exploitation via CVE-2025-24893, credential extraction, and PATH hijacking for privilege escalation.

HTB MachineEasy

Era

2025-07-31

A Linux machine involving vhost enumeration, IDOR vulnerability, hash cracking, SSRF exploitation, and binary signing for privilege escalation.

HTB MachineMedium

JinjaCare

2025-06-27

A web application vulnerability challenge focusing on SSTI (Server-Side Template Injection) and RCE exploitation techniques.

Bug Bounty CTF

NeoVault

2025-06-29

A banking web application challenge involving MongoDB Object ID prediction and JWT token exploitation.

Bug Bounty CTF

Let's connect

Open to collaborations, security research, and ambitious builds.

Whether it's a product idea, CTF team, or internship conversation — I'd like to hear from you.

Get in touchLinkedIn