Brazilian offensive security researcher with 15+ years breaking web applications. Creator of KNOXSS — the most comprehensive automated XSS service, live since 2016 — and X55.is, a universal XSS delivery domain. Founder of Brute One, an AI assistant for bug bounty hunting with tool execution capabilities and proprietary offensive knowledge.

Author of: First Bounty, The Brute Art of Bypass, SSRF Mastery Series — Fundamentals, the Broken Token Series, and now AfterMath: Crypto Exploitation. Writing Security in Collapse, a cyberpunk doctrine for the Intelligence Age. Building the King of Noobs recon suite on GitHub — reKover, unKover, disKover.

Spoke at BSides Boston 2016, DEF CON 25, and Ekoparty 2025. Ranked #1 globally on Open Bug Bounty in 2015. 1,000+ vulnerabilities disclosed against Oracle, Apple, Microsoft, Samsung, Slack, Uber, LinkedIn. Listed among 200 Global Cybersecurity Influencers by Check Point (2021).