"When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl."

-- Anonymous

I'm Marco Ivaldi, a seasoned security researcher and tech leader with25+ years of experience, specializing in offensive security, from old school X.25 to modern mobile apps. I work as technical director atHN Security, a boutique company I co-founded that provides tailored offensive security services.

As a polyglot programmer ofweird machines, I studyhow things can go wrong. I'm a core developer of theOSSTMM, the international standard for security testing. I've published many articles in various computing magazines, includingPhrack, and I've co-authored some books, such as the popularHacking Exposed Linux. I've presented my research at prestigious international conferences, includingInfiltrate. I've recently earned the title ofMost Valuable Security Researcher from Microsoft. Back in the 90s, I co-foundedLinux&C, the first Italian magazine about Linux and the open source movement.

I write code mainly in:

Popular repositoriesLoading

1. frida-scriptsfrida-scriptsPublic

   A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.

   JavaScript 1.3k 229

2. tactical-exploitationtactical-exploitationPublic

   Modern tactical exploitation toolkit.

   Python 842 121

3. semgrep-rulessemgrep-rulesPublic

   A collection of my Semgrep rules to facilitate vulnerability research.

   C 614 66

4. exploitsexploitsPublic

   A handy collection of my public exploits, all in one place.

   C 606 114

5. ghidra-scriptsghidra-scriptsPublic

   A collection of my Ghidra scripts to facilitate reverse engineering and vulnerability research.

   Java 247 29

6. blindsightblindsightPublic

   Red teaming tool to dump LSASS memory, bypassing basic countermeasures.

   Rust 207 25