WHOAMI

I'm the one and only cybersecurity thinker and philosopher, with hacking skills, and occasionally researcher and enthusiast, addicted to computer and network (in)security, being the creator of T50 and the only Brazilian researcher to speak at the extinct PH-Neutral Conference (invite-only) in Berlin.

Also, I have completed some researching work on (now using GitHub):

• Permutation Oriented Programming – a completely different and powerful approach to research and analyze vulnerabilities and which can be applied to both offensive and defensive approach.
• SQL Fingerprint powered by ENG⁺⁺ Technology – a tool designed to perform version fingerprinting for Microsoft SQL Server 2000, 2005, 2008, 2008 R2, 2012, 2014, 2016 and 2017, as well as capable to describe the patch-level for them. 
• An unpublished technology preview (prototype) version is also capable to identify Microsoft SQL Server related vulnerabilities with no hazard and no authentication.
• T50: an Experimental Mixed Packet Injector – a tool designed to perform stress testing on a variety of infrastructure network devices, covering some regular protocols (ICMP, IGMP, TCP and UDP), some infrastructure specific protocols (GRE, IPSec and  RSVP) and some routing protocols (RIP, EIGRP and OSPF). For further information, please, refer to this link. 
• To help the current version, maintained by Federico Pissarra, please, refer to this link.
• Inception: Reverse Engineer Hands-on – a deep dive experience on a reverse engineering for a client-side vulnerability, showing a full process to start a vulnerability dissection, which resulted in a change of CVE-2008-4844.

In addition to these, I helped with the research/disclosure of some vulnerabilities, which can be found here.

As a sought-after speaker, I have presented – chosen as “Best Speaker of All Time” (Resumão 2023, Resumão 2022) by Anchises Moraes (along with Fernando Mercês and Rodrigo Rubira Branco) and H2HC's top contributor speaker (eight talks – on the way to the ninth talk)  – to industry professionals at conferences, such as:

• IME Cryptology Week (2000/2001)
• CNASI (2000/2004/2005)
• Security Week (2002)
• Gartner (2002)
• CONIP (2004)
• SERPRO/TIC (2006)
• ITA SSI (2006)
• FEBRABAN CIAB Workshop (2009)
• PH-Neutral (2011)
• BSides São Paulo (2012/2018)
• Silver Bullet (2012)
• YSTS (2013)
• The Developer's Conference [SP] (2015) [VIRTUAL] (2021)
• BSides Latam (2016)
• Mind The Sec [SP] (2017) [MG] (2018) [VIRTUAL] (2020)
• ROADSEC [RJ] (2016/2018) [SP] (2017/2018)
• Security Leaders [SP] (2022/2023) [RJ] (2023/2024) [PE] (2023)
• Hacking na Web Day [RJ] (2024)
• BHack (2013/2019/2024)
• H2HC (2006/2009/2010/2011/2015/2016/2017/2019/2024)

For Portuguese speakers, I have an initiative called "Papo Reto", where I talk sporadically with Marcelo Bezerra and, sometimes, we bring some guests.

For further information about me, please, reach me through email.