I’m a self-taught computer hacker from Brazil now working as a security researcher and consultant at Sucuri Security. I’m best known for providing a very useful content in Twitter in the last years on several hacking topics, including hacking mindset, techniques, code (that fits in 140 char) and some funny hacking related stuff. Now my main interest and research involves Cross Site Scripting (XSS), the most widespread security flaw of the web.

I also helped to fix more than 1000 XSS vulnerabilities in web applications worldwide. Some of them include big players in tech industry like Oracle, LinkedIn, BaiduAmazon, Groupon e Microsoft.

I’m currently maintaining and developing an online XSS discovery service, named KNOXSS. It already helped several bug hunters to find bugs and get rewarded.

My motto summarizes what I think has to be done to master computer security:

Don’t learn to hack, #hack2learn.