Also, I have completed some researching work on (NOW USING GITHUB):
- Permutation Oriented Programming – a completely different and powerful approach to research and analyze vulnerabilities and which can be applied to both offensive and defensive approach.
- SQL Fingerprint powered by ENG++ Technology – a tool designed to perform version fingerprinting for Microsoft SQL Server 2000, 2005, 2008, 2008 R2, 2012, 2014, 2016 and 2017, as well as capable to describe the patch-level for them.
- An unpublished technology preview (prototype) version is also capable to identify Microsoft SQL Server related vulnerabilities with no hazard and no authentication.
- T50: an Experimental Mixed Packet Injector – a tool designed to perform stress testing on a variety of infrastructure network devices, covering some regular protocols (ICMP, IGMP, TCP and UDP), some infrastructure specific protocols (GRE, IPSec and RSVP) and some routing protocols (RIP, EIGRP and OSPF). For further information, please, refer to this link.
- Inception: Reverse Engineer Hands-on – a deep dive experience on a reverse engineering for a client-side vulnerability, showing a full process to start a vulnerability dissection, which resulted in a change of CVE-2008-4844.
As a sought-after speaker, I have presented to industry professionals at conferences, such as:
- IME Cryptology Week (2000/2001)
- CNASI (2000/2004/2005)
- Security Week (2002)
- Gartner (2002)
- CONIP (2004)
- SERPRO/TIC (2006)
- ITA SSI (2006)
- H2HC (2006/2009/2010/2011/2015/2016/2017/2019)
- FEBRABAN CIAB Workshop (2009)
- PH-Neutral (2011)
- BSides São Paulo (2012/2018)
- Silver Bullet (2012)
- YSTS (2013)
- The Developer's Conference (2015)
- BSides Latam (2016)
- MIND THE SEC [SP] (2017/2020)
- ROADSEC [RJ] (2016/2018) [SP] (2017/2018)