KK Hack Labs
Changes THE GAME
Hacker, Geeks, and Nerds Oh MY!
VR/AR Development, 3D Printing, Drones, Hacking, and MORE!
Go Shop

Mentorship, Consulting, Career

Kizz’s community focus, mentorships, talks, trainings and everything he has attained is with complete thanks to the Hacking Community. Without the community he would have never learned as much and never been able to succeed. With his love for helping the next generation of hackers, geeks, nerds, techies, and everyone that has an interest in technology, security, or any other topic of conversation he always makes time to chat.

Kizz is available for many opportunities to schedule him for your conference talks and trainings, IS / Security career development sessions, and private hacker / tech events.

Nick “Kizz MyAnthia” Donarski

Kizz is an InfoSec specialist whose qualifications include an in-depth understanding of security principles and practices; C|EH, MCSE +Security CPS designations; and detailed knowledge of security tools, technologies and development. Seven years of security experience in the creation and Testers, deployment of solutions protecting networks, systems and assets for diverse companies and organizations.
Technology Summary
Security: Technologies: Data Forensics, Law Enforcement, chain of custody experience, Network Security Scanners (NeXpose, LanGuard, Qualys, OpenVAS); SSL; Digital Certificates; Anti-Virus Tools (Norton, Symantec, Ghost, etc.); Penetration Testing Frameworks (OWASP, Metasploit, BackTrack); Mobile (Smartphones, Windows Mobile, Android); Real-time GPS Tracking; Communications Security(TxRx, IP/TCP/UDP, Tradecraft); High Threat Environment Risk Analysis; Physical Security Technology (RFID, Magstrip, Lock Picking); Adversarial Machine Learning
Systems: Unix-Based Systems (Solaris, Linux, BSD); Windows (all)
Networking: LANs, WANs, VPNs, Routers, Firewalls, TCP/IP
Software: MS Office (Word, Excel, Outlook, Access, PowerPoint); GFI LanGuard; Rapid7 NeXpose; NMap; Aircrack-ng Suite; Metasploit; RFID IO Tools; Ollydbg; Wireshark; Ettercap; Bluetooth Utilities; Databases (MySQL, MSSQL, PostgreSQL, Oracle); HP WebInspect; Acunetix WVS; Burp; ELK Stack; Tensorflow; PacketBeat; Filestash
An expert in information security and related technologies.
A hacker, a geek, a nerd, a Dad and so much more.
Recent Project Highlights:

Machine Learning & Adversarial Machine Learning: Current trends are pushing organizations to integrate further autonomous systems, deep learning systems, and big data. A focused deep research into both the understanding of how machine learning in its various forms and the potential of the adversarial machine learning model pose both great benefit and potential new security vectors for the enterprises worldwide.

Data Forensics: Computer forensics, or digital forensics, is a fairly new field. Computer forensics investigators, also known as computer forensics specialists, computer forensics examiners, or computer forensics analysts, are charged with uncovering and describing the information contained on, or the state or existence of, a digital artifact. Digital artifacts include computer systems, hard drives, CDs, and other storage devices, as well as electronic documents and files like emails and JPEG images.

PCI Compliance: Currently with Fortune 500 clients to test, develop, secure, remediate, and validate security implementations to provide PCI Compliance. This includes retail operations and systems, eCommerce applications, and the supporting network infrastructure.

Penetration Testing: An active member in the Information Security Community, working with other IS members has developed applications and profiles to streamline and further the testing platforms, applications, and frameworks. Was able to leverage his understanding and ability to “think outside of the box” to leverage attack vectors via uncommon system exploitation methods. One instance was an ability to access a point of sale system to execute commands via a barcode scanner.

Mobile Devices: Specializing in the in-depth understanding of mobile devices and their integration into society he has spent time in development and testing of security posture of these devices. Building on his knowledge has worked to develop similar tools used to perform security audits on computer systems and networks to the smartphone environment.

Social Engineering: Specializing in Social Engineering he has used his technical knowledge and intellect to exploit weaknesses in human behavior. With an understanding of human psychology and behavior he is able to leverage human reactions to display weaknesses in organizations. This information and skill has allowed him to work with organizations to develop security training programs and procedures to ensure that the events do not cause a future incident.

Infrastructure: Led comprehensive security infrastructure upgrades (e.g., firewall/VPN upgrades, intrusion detection, token-based authentication and remote management) for various midsize and large companies.

Risk Management: Protected vulnerable networks following detailed risk assessments. Guided cross-functional teams in the design, validation, acceptance testing and implementation of secure, networked communications across remote sites for several key clients.

Operating Area

Kizz is currently based in Madison, WI and available across the United States and Internationally for projects, presentations, trainings, and engagements.

Recent Posts


Within the Umbraco CMS, a configuration element named “UmbracoApplicationUrl” (or just “ApplicationUrl”) is used whenever application code needs to build a URL pointing back to the site. For example, when a user resets their password and the application builds a password reset URL or when the administrator invites users to the site. For Umbraco versions less than 9.2.0, if the…


The password reset component deployed within Umbraco uses the hostname supplied within the request host header when building a password reset URL. It may be possible to manipulate the URL sent to Umbraco users when so that it points to the attackers server thereby disclosing the password reset token if/when the link is followed. A related vulnerability (CVE-2022-22690) could allow…


NetMaster 12.2 Network Management for TCP/IP and NetMaster File Transfer Management contain a XSS (Cross-Site Scripting) vulnerability in ReportCenter UI due to insufficient input validation that could potentially allow an attacker to execute code on the affected machine.