Laurent Gaffié is a cybersecurity leader and CEO based in Montevideo with over a decade of hands-on experience in offensive security, specializing in Windows core networking protocols and advanced internal network, wireless and web application penetration testing. He has spent 20 years helping governments, banks and large enterprises harden critical infrastructure—from SCADA and highway signalisation to national payment systems—and led network testing practices at SpiderLabs/Trustwave. An active tool author and contributor, Laurent is known for Responder and PCredz work that manipulates SMB/RDP/NTLM authentication flows and improves protocol-level testing and evasion techniques. He combines deep vulnerability research and fuzzing expertise with practical red-team craft, frequently uncovering high-risk vendor disclosures and driving secure coding and review engagements. As an independent pentester and now CEO of Secorizon, he blends technical inventiveness with consulting and practice leadership, often improving tools to operate in constrained Windows environments.
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
Role in this project:
Security Engineer
Contributions:40 commits, 27 PRs, 40 pushes in 3 years 6 months
Contributions summary:Laurent contributed significantly to the Responder project, which is a network poisoning tool. Their work primarily involved fixing bugs, adding features related to network security and authentication protocols (LLMNR, SMB), and improving the tool's functionality. They addressed issues related to SMB authentication, added a version flag, and improved evasion techniques related to NAC/IPS detection. The user's changes also included logging command-line arguments for debugging and troubleshooting purposes.
Contributions:16 commits, 15 pushes, 1 branch in 1 year 9 months
Contributions summary:Laurent appears to be involved in hardening or extending the capabilities of the `responder-windows` project, specifically focusing on network security and penetration testing aspects. Contributions include modification of network packet structures (src/packets.py), enhancing the functionality of tools for network attacks within the Windows environment, and implementing features related to authentication and network reconnaissance. The changes involve modifying existing binaries and incorporating WMIC calls to improve functionality and stability.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.