Marco Ivaldi
Co-Founder And Technical Director at The Institute for Security and Open Methodologies
Italy
Summary
🤩
RockstarMarco Ivaldi is a seasoned offensive security researcher and technical leader based in Italy, with over 25 years of hands-on experience and currently Co-Founder and Technical Director at HN Security and Humanativa Group. As a core developer of the OSSTMM and long-standing member of the Institute for Security and Open Methodologies, he blends standards-level thinking with practical red-teaming, exploitation and threat modeling. A Phrack author, Microsoft Most Valuable Security Researcher and Zero Day Quest hacker, Marco publishes public exploits and toolkits—ranging from a curated exploits repo to Frida scripts for iOS and a tactical AD/SMB exploitation toolkit—demonstrating deep system-internals expertise across Linux, Solaris, Windows and mobile. He’s a polyglot “weird machines” programmer who moves easily between technical writing, project leadership and hands-on vulnerability research, equally comfortable defining testing methodologies as shipping reliable, working exploits.
8 years of coding experience
21 years of employment as a software developer
Italian, English, French, Croatian
Github Skills (34)
objective-c10
ios10
python10
mysql10
information-gathering10
vulnerability10
frida10
linux10
c1110
smb10
c1710
exploit10
exp10
active-directory10
solaris10
Programming languages (11)
Github contributions (5)
0xdea/tactical-exploitation
Sep 2017 - Jan 2023
Modern tactical exploitation toolkit.
Role in this project:
Security Engineer
Security EngineerContributions:88 commits, 1 PR, 91 pushes in 5 years 5 months
Contributions summary:Marco primarily contributed to a toolkit designed for Windows and Active Directory tactical exploitation. Their work involved creating and refining tools for information gathering and brute-force attacks against SMB, SMTP, and HTTP protocols. The contributions included scripts for user enumeration, password policy retrieval, and mass web screenshot functionality, along with enhancements and style updates to existing tools. The user demonstrated a focus on exploiting vulnerabilities related to information leakage and SMB protocols within Windows environments.
exploitationtacticalactive-directorybrute-forceinformation-gathering
0xdea/exploits
Jul 2017 - Jan 2023
A handy collection of my public exploits, all in one place.
Role in this project:Security Engineer
Security EngineerContributions:74 commits, 74 pushes, 1 branch in 5 years 7 months
Contributions summary:Marco is focused on identifying and exploiting vulnerabilities in various software and systems. Their commits involve writing and modifying exploits for different platforms, including Linux, Solaris, and MySQL. The primary focus is on local privilege escalation and remote code execution, demonstrating a deep understanding of system internals and security vulnerabilities. The exploits target buffer overflows, format string bugs, and other vulnerabilities to gain unauthorized access or control.
placebuffer-overflowmuslmysqlall-in-one
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.