João Figueiredo

Risk And Fraud Consultant at INFORM GmbH - Optimization Software

Lisbon, Portugal
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
João Figueiredo is a Risk and Fraud Consultant with 11 years of experience blending software engineering, revenue assurance and telecom analytics across Europe and the Middle East. He began as a Java/PL-SQL developer at Accenture and progressed to technical team lead roles integrating RAID and ETL solutions for telcos before moving into pricing and risk projects with Matrixx and INFORM. Comfortable in Unix environments, shell scripting and data mining workflows, he pairs hands-on technical delivery with business-facing assurance expertise. An active security-minded engineer, he has contributed significant exploits and tooling to a Java deserialization security project on GitHub, reflecting deep operational knowledge of backend vulnerabilities. Based in Lisbon, he brings a pragmatic mix of telecom domain experience and offensive-security insight that helps pinpoint and mitigate complex fraud and revenue leakage.
code11 years of coding experience
job2 years of employment as a software developer
bookUniversità degli Studi di Pavia / University of Pavia
bookMestre em Engenharia Electrónica e de Telecomunicações, Engenharia Electrónica e de Telecomunicações, Mestre em Engenharia Electrónica e de Telecomunicações, Engenharia Electrónica e de Telecomunicações at Universidade de Aveiro / University of Aveiro
languagesEnglish, Italian
github-logo-circle

Github Skills (14)

javas10
deserialization10
vulnerabilities10
exploit10
develop10
reverse-shell10
java10
vulnerability10
security10
web-application-security9
it-security9
proxy8
http-proxy8
groovy8

Programming languages (4)

JavaShellHTMLPython

Github contributions (5)

github-logo-circle
joaomatosf/jexboss

Nov 2014 - Mar 2017

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
Role in this project:
userBack-end & Security Engineer
Contributions:69 commits, 3 PRs, 49 pushes in 2 years 4 months
Contributions summary:João primarily contributed to the development of a Java-based exploitation tool focused on JBoss and Java Deserialization vulnerabilities. They added several exploits for various attack vectors, including those targeting the JMX console, web console, and JMXInvokerServlet. The user improved the tool's functionality by incorporating the support for HTTP proxies, various command execution techniques on Windows, and added new payloads for reverse shell connections. They also added new gadgets to exploit multiple application servers that has commons-collections or groovy libs in the classpath.
exploiting-vulnerabilitiesjbossdeserializationreverse-shellsecurity
joaomatosf/JavaDeserH2HC

Sep 2017 - Mar 2022

Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
Contributions:19 commits, 18 pushes, 1 branch in 4 years 6 months
jvm-bytecodejbossdeserializationreverse-shelljavadeser
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
João Figueiredo - Risk And Fraud Consultant at INFORM GmbH - Optimization Software