Offchainer
Several years seasoned offchain pentester, researcher and developer
@chain-breaker
asr
Biography
For the past 3 years I have performed offchain (web2) pentests for several web3 companies:
- Web apps (DApps included) and APIs
- Mobile apps (iOS and Android), like wallets
- Browser extensions (like wallets)
- Cloud hardening (AWS, GCP, Azure, Kubernetes, Github, Cloudflare and some more platforms)
- Bridges
- Internal network assessments (on-premise and in cloud)
- External attack surface/Red Teams*
- I have done all the previous assessments in Whitebox (with code review) and Blackbox (as an external attacker) modes
Before focusing on web3 companies I worked several years as pentester for all kind of companies (Banks, Tech, Retail...)
I have several certs: OSCP, OSWE, OSMR, RTO, htARTE, htGRTE, all HTB Blacksky, CARTP, and more
I'm a graduated engineer with master in cybersecurity
I have also given talks about my researches in several international conferences like DEFCON 2023 (main track), HackSpaceCon (2023, 2024), RootedCON (2022, 2023 & 2024), and many more.