Rodolfo Assis

Co-Founder

Belo Horizonte, Minas Gerais, Brazil10 yrs 6 mos experience

Key Highlights

  • Founder of KNOXSS, a leading XSS detection tool.
  • Over 10 years of expertise in web security.
  • Published research and talks at major security conferences.
Stackforce AI infers this person is a Cybersecurity expert specializing in web application security and vulnerability research.

Contact

LinkedIn

Skills

Core Skills

Web Application SecurityVulnerability ResearchCybersecurity ToolsIt Security AssessmentsNetwork ProtocolsIt ManagementLeadershipInformation TechnologyTechnical Support

Other Skills

Analytical CapabilityAnalytical SkillsApplication SecurityBashCode ReviewCommunicationCybersecurityEthical HackingHTMLIT GovernanceITILInternet Protocol Suite (TCP/IP)JavaScriptKali LinuxLinux Server

About

As an independent information security researcher and consultant, I help clients to identify and mitigate web vulnerabilities, especially Cross-Site Scripting (XSS), the most common and dangerous security flaw of the web. With 10+ years of experience in the information security field, I have developed a deep knowledge and passion for XSS and web security evasions, which I share online and offline with the information security community. I am the founder and developer of KNOXSS, an online tool that automates XSS detection and proof. It has helped thousands of pentesters and bug hunters to find and exploit XSS vulnerabilities in live websites, including Big Tech ones like Oracle, Samsung, Uber, Apple, Amazon and Microsoft. I also publish research, content, and resources on XSS and web security evasions, such as my blog, my booklet and my talks at DEFCON and other events. My goal is to raise awareness and educate about the importance and impact of those subjects, contributing to a more secure and resilient web.

Experience

10 yrs 6 mos
Total Experience
2 yrs 3 mos
Average Tenure
--
Current Experience

Ambev

Systems Security Specialist

Jun 2022May 2023 · 11 mos · Remote

  • Red team activities like but not limited to: vulnerability discovery, penetration testing and security assessments.
Network ProtocolsSoftware DevelopmentSQLInternet Protocol Suite (TCP/IP)Information TechnologyCode Review+12

Godaddy

Vulnerability Analyst

Apr 2017Dec 2017 · 8 mos · Greater Belo Horizonte

  • Research, creation and analysis of test cases for company's firewall evasion (bypass).
Network ProtocolsSQLInternet Protocol Suite (TCP/IP)Information TechnologyCode ReviewMicrosoft Office+10

Brute logic

CyberSecurity Researcher & Consultant

Dec 2016Present · 9 yrs 4 mos · Belo Horizonte Area, Brazil

  • Research and creation of social media content on hacking and offensive security. Development and maintenance of KNOXSS, an online tool (SaaS) for Cross-Site Scripting detection and proof.
Web Application SecurityJavaScriptBashLinux ServerVulnerability Research

Sucuri inc.

Vulnerability Analyst

Jul 2015Dec 2017 · 2 yrs 5 mos

  • Research, creation and analysis of test cases for company's firewall evasion (bypass).
Network ProtocolsSoftware DevelopmentSQLInternet Protocol Suite (TCP/IP)Information TechnologyCode Review+11

Universidade federal de minas gerais

Information Technology Manager

May 2014Nov 2015 · 1 yr 6 mos

  • Management of the IT department of Physical Education College.
Network ProtocolsInternet Protocol Suite (TCP/IP)Information TechnologyMicrosoft OfficeLeadershipAnalytical Skills+7

Cemig

3 roles

IT Security Analyst

Promoted

Jan 2011Jan 2012 · 1 yr

  • Security assessments of internal systems.
Network ProtocolsSQLInternet Protocol Suite (TCP/IP)Information TechnologyCode ReviewMicrosoft Office+12

IT Analyst

Promoted

Jan 2010Jan 2011 · 1 yr

  • Analysis of IT services performance.
Information TechnologyMicrosoft OfficeAnalytical SkillsAnalytical CapabilityCommunicationProblem Solving+3

Production Controller

Jan 2006Jan 2010 · 4 yrs

  • Monitoring and control of production jobs (billing and collection).
Information TechnologyMicrosoft OfficeAnalytical CapabilityCommunicationProblem SolvingTechnical Support+1

Education

Anhanguera Educacional

Postgraduate Degree — Artificial Intelligence

Jan 2024Oct 2024

Estácio

IT Management — Computer/Information Technology Administration and Management

Jan 2014Jan 2016

Universidade Federal de Juiz de Fora

IT Technician — Informatics

Jan 1993Jan 1995

Stackforce found 100+ more professionals with Web Application Security & Vulnerability Research

Explore similar profiles based on matching skills and experience

GS

Gaurav Singh

Associate - VAPT | Security Testing (Risk Advisory)

at PwC

Nagpur, India2 yrs 8 mos exp
Application SecurityVulnerability Assessment and Penetration Testing (VAPT)
Faiyaz Ahmad

Faiyaz Ahmad

Offensive Security Engineer

at Confidential

Bihar, India3 yrs exp
CybersecurityPenetration Testing
Sandeep H.

Sandeep H.

Founder & CEO

at AppSecure Inc.

Singapore, Singapore9 yrs 9 mos exp
Ethical HackingPenetration Testing
Mahima Dongre

Mahima Dongre

Associate Security Consultant

at Varutra Consulting

Pune, India5 yrs 2 mos exp
API TestingCybersecurity
Soumya Aggarwal

Soumya Aggarwal

Senior Application Security Engineer

at FinThrive

Gurugram, India9 yrs 5 mos exp
Praful Agarwal

Praful Agarwal

Principal Security Engineer

at Atlassian

Noida, India20 yrs 3 mos exp
Application SecurityInformation Security AnalysisProduct SecuritySecurity ArchitectureSecurity Management
soulaimane bouabid

soulaimane bouabid

Accumulated Expertise

at Career-Wide Experience

Casablanca, Morocco0 mo exp
Thai Duong

Thai Duong

Chief

at Calif

Mountain View, United States21 yrs 1 mo exp
CryptographyInformation Security