Martin Vigo

Lead Offensive Security Engineer at Triskel Security

Barcelona, Catalonia, Spain
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Martin Vigo is a seasoned security researcher, red teamer, and founder with 12 years of experience delivering offensive security research, tooling, and SaaS posture improvements from Barcelona. He has led red team operations at Meta, driven product security and authentication work at Salesforce, and now shapes offensive SaaS research as AppOmni’s Lead Offensive Security Engineer while running Triskel Security. An active open-source contributor, his Metasploit enhancements for LastPass credential retrieval and his OSINT tool for email-to-phone discovery demonstrate deep crypto, credential, and exploitation expertise. He also hosts a Spanish cybersecurity podcast, Tierra de Hackers, and advises on privacy and security strategy, blending hands-on offensive skill with community mentoring and public-facing research. An unusual strength is his track record of shipping practical tooling that adapts quickly to changing APIs and defenses, bridging academic rigor with operator-level tradecraft.
code11 years of coding experience
job15 years of employment as a software developer
bookBachelor in Computer Science Programming languages Software engineering Computer architecture Web Technologies Databases, Bachelor in Computer Science Programming languages Software engineering Computer architecture Web Technologies Databases at Universidad de Oviedo
bookBachelor in Computer Science Programming languages Software engineering Computer architecture Web Technologies Databases, Bachelor in Computer Science Programming languages Software engineering Computer architecture Web Technologies Databases at Fachhochschule Oldenburg/Ostfriesland/Wilhelmshaven
bookEuropean Master on Software Engineering Software Engineering, European Master on Software Engineering Software Engineering at Blekinge Institute of Technology
bookBachelor in Computer Science Programming languages Software engineering Computer architecture Web Technologies Databases, Bachelor in Computer Science Programming languages Software engineering Computer architecture Web Technologies Databases at Universidad de La Laguna
bookCollege in Computer Systems Administration System administration Programming languages Databases, College in Computer Systems Administration System administration Programming languages Databases at Los Sauces
bookEuropean Master on Software Engineering Software Engineering, European Master on Software Engineering Software Engineering at Universidad Politécnica de Madrid
languagesSpanish, English, German, Galician
stackoverflow-logo

Stackoverflow

Stats
143reputation
16kreached
0answers
9questions
github-logo-circle

Github Skills (34)

apim10
osi10
python10
vulnerability10
it-security10
user-authentication10
authentication10
webscraping10
ruby10
security10
security-vulnerability10
api10
password-manager10
cryptography10
http-request10

Programming languages (4)

JavaScriptHTMLRubyPython

Github contributions (5)

github-logo-circle
martinvigo/email2phonenumber

Mar 2019 - Feb 2022

A OSINT tool to obtain a target's phone number just by having his email address
Role in this project:
userBack-end Developer
Contributions:24 commits, 3 PRs, 12 pushes in 2 years 11 months
Contributions summary:Martin primarily contributed to the development of an OSINT tool designed to find a target's phone number via their email address. Their work involved implementing the core functionality of the tool, including interacting with various online services (Amazon, Twitter, Lastpass, Ebay, and Paypal) to obtain masked phone numbers. They introduced features such as number pooling, proxy support, and caching to improve the tool's efficiency and reliability. Furthermore, they debugged and adapted the code to account for changes in the target websites' APIs.
pythonemail-addressosintaddresshis
rapid7/metasploit-framework

Sep 2014 - Feb 2016

Metasploit Framework
Role in this project:
userBack-end Developer & Security Engineer
Contributions:44 commits, 1 PR, 20 comments in 1 year 5 months
Contributions summary:Martin's primary contribution was enhancing the `metasploit-framework` by implementing LastPass credential retrieval capabilities. They focused on retrieving the randkey from LastPass and subsequently using it for decrypting vault keys. Their work included extracting and decrypting master login accounts and passwords, encryption keys, 2FA tokens, and the vault passwords. The user demonstrated security skills by addressing vulnerabilities related to password storage and retrieval.
metasploitmetasploit-framework
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Martin Vigo - Lead Offensive Security Engineer at Triskel Security