Ігор Вишневський Історії 22 June 2026, 09:00

"Ukraine will be in the top in cybersecurity!" A schoolboy from Zhytomyr has been interested in cybersecurity since he was 12 years old, and this year he won the CTF Junior League. He told why his future dream is Red Team

Daniil Zhabrovets, a 17-year-old student of Lyceum No. 1 in Zhytomyr, as part of the RJ 45 team, recently became the winner of the CTF Junior League-2026.

This is a large-scale all-Ukrainian team competition in cybersecurity for young people (schoolchildren, students of vocational schools and universities), where teams solve practical tasks related to web security, cryptography, reverse engineering, OSINT, artificial intelligence, etc.

«My previous teammates wrote NMT and, unfortunately, could not attend the final»

This competition was held in two stages. The first stage was held online in April on the Unit Range platform, and initially I participated with the Cyber Rangers team. We met on Discord calls and solved discipline tasks. After that, we moved on to the second stage, which was already held offline in Kyiv.

But it turns out that in the first stage I was with one team, and in the second — with another. It so happened that on the day of the finals my previous teammates were writing NMT and, unfortunately, could not attend the competition.

In general, I was invited to participate in the CTF Junior League-2026 competition by a cybersecurity teacher from Zhytomyr Polytechnic University, who was familiar with my abilities.

What tasks were set for us in the final? For example, we were given a target — basically, it was either some archive of files or an IP address. And we had to either connect to this IP address and answer a series of questions that were asked, or unzip the archive, find certain files there, examine them, find hidden flags in them, and also answer a series of questions about it.

I can confidently say that of all the CTFs I’ve participated in, this one was one of the most difficult. Almost all the tasks were really hard to do. There were some relatively easy ones — for example, at the end of the finale you just had to connect to a Windows computer and find out what commands were entered into the system earlier. However, there were also some very difficult ones.

In one of the tasks of the first stage, it was necessary to conduct a multi-stage steganographic analysis using Fourier series.

For some tasks we had to write decryptors, for others we had to dig into the code of ready-made programs and investigate how they work. For this we could choose auxiliary tools ourselves — such as Ghidra, IDA Pro and the like.

«It all started when I was eight…»

I started getting interested in cybersecurity when I was about 12, but as for technology and programming, it all started probably when I was eight. Then I came to the SHAG computer academy for summer courses, a kind of «summer camp». I liked it and after that I started going to them for training. During the first course, we studied several different topics, among which was Python. Later, I began to delve into the topic of Python myself, started looking for like-minded people. I found a like-minded person also from Zhytomyr, who at that time was already interested in cybersecurity.

He told me about Termux — it’s a terminal emulator for your phone.

I started to delve deeper into this whole thing, started following different bloggers, and, as a result, started studying cybersecurity myself.

When I reached a more or less normal level, I joined the cyber team of Zhytomyr Polytechnic University and then we started to improve our knowledge together. Although I am still studying at school, not at university, at the moment my skills are enough to help students pass all CTFs and «defuse» quite difficult situations.

As for my parents, they really have very high hopes for me and are extremely supportive of my passion for cybersecurity.

As for my classmates, I didn’t advertise to them that I was working on the topic of cybersecurity, but maybe they know about it from my Instagram.

I think that from my class, besides me, this might be interesting to at most one person.

Pen samples: a hexadecimal file editor and an electronic journal for high school

As for some applied things I’ve been doing lately, last year I wrote a program for a competition — a hexadecimal file editor.

The main idea was to create an open-source project that could help me and my like-minded people in the field of cybersecurity. I decided to develop it exclusively for Linux, using Xlib as a base.

The project is currently on my GitHub, and I plan to improve it in the future.

Also, the year before last, I was developing an electronic magazine for the lyceum. It was an attempt to do something useful for the educational institution. On my part, there was a little lack of involvement, concentration, and desire to «pull» it into a full-fledged product, but the blanks were there. I’m not sure that it is currently supported in any way, because the lyceum currently uses a general standard solution for this functionality. Unfortunately, I haven’t fully developed my magazine.

This year, I started to delve deeper into C and tried to implement two complex projects at once: a command shell and a messenger. In the command shell, I managed to recreate most of the basic elements, but, unfortunately, I had some difficulties with pipeline processing. The situation with the messenger is much better — I was able to correctly configure sockets, ensure a successful TCP handshake and data transfer in its pure form. In the future, I plan to add asymmetric encryption using the Diffie-Hellman protocol and a graphical interface, since the project is currently implemented exclusively as a CLI version.

In addition, I help parents, friends, and acquaintances solve all technical issues related to computer technology and software. I don’t have a part-time job yet, because I’m putting all my energy into studying, but they can turn to me for help.

Vision of the future

As for my further studies at the university, I am fully focused on cybersecurity — I see it as my future profession and I want to move further in this direction. This is what I want to do — and it does not matter whether the cybersecurity direction will be the most financially profitable for me as a future specialist.

I am particularly interested in the Red Team direction. The work in the Red Team direction is impressive for several reasons. First, the Blue Team’s defensive actions are mostly theoretical in nature. However, sometimes theoretical calculations can have errors.

Red Team, through its practical approach, helps close these theoretical gaps and improve product safety.

Secondly, the work of the Red Team is like an art. Different vulnerabilities require different approaches, and in large projects they also need to be combined. Therefore, specialists working in this area almost never repeat the same thing. There is much less routine in the Red Team than in the Blue Team. Moreover, during the war this is more relevant than ever — Russian cybercriminals attack Ukrainian websites and servers.

By simulating a real attack and thinking like real hackers, Red Teams can fix potential attack vectors before attackers find them, leaving hackers in the aggressor country with nothing.

However, for us, this is more of a Purple Team job, a team that combines Red Team and Blue Team specialists. Such teams can close vulnerabilities faster, which is the main task during war.

Unfortunately, it is difficult to discuss real cases here, because most Red Teams sign a non-disclosure agreement.

I also admire the work of Ukrainian «white hackers», but I don’t follow them closely. Among Ukrainian cyber experts, I mostly follow OSINT specialists and agencies related to this area of activity.

I think that the problems with the cybersecurity industry in Ukraine are mostly related to the lack of strong specialists and the state of war. I am sure that after the victory, Ukraine will be in the first places of the top in cybersecurity in the world, since now our specialists very often apply their knowledge in practice and, accordingly, increase their level of qualification.

A Ukrainian schoolgirl from Dnipro became the absolute winner of the European Girls' Olympiad in Informatics — for the first time in the country's history

A schoolboy from Pokrovsk has developed an AI dictionary for learning sign language. How the invention works

“I became interested in programming at 14. And at 16 I was already at EPAM.” What it’s like to work in an international IT company from a school desk: the story of a young developer