Matteo Lodi

Detection Engineer at The Honeynet Project

Carpi, Emilia-Romagna, Italy
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Matteo Lodi is a Detection Engineer with eight years of hands-on experience in threat intelligence, malware analysis and security-focused software development. He led R&D and coordinated cross-functional teams as Threat Intelligence Team Leader at Certego, and now contributes at VMRay while administrating the popular open-source IntelOwl project (2k+ GitHub stars). A SANS "Lethal Forensicator" awardee, Matteo has improved widely-used analysis tooling—contributing to Cortex analyzers and enhancing oletools’ VBA/XLSM detection—to reduce false positives and bolster automation. He volunteers as a mentor and organizer for The Honeynet Project and Google Summer of Code, blending community-driven open source work with applied research. Based in Carpi, Italy, he teaches incident response and threat intelligence and is known for turning deep reverse-engineering insights into reliable detection solutions.
code8 years of coding experience
job1 year of employment as a software developer
bookPost graduate Course in Cyber Security (CyberAcademy), Post graduate Course in Cyber Security (CyberAcademy) at Università degli Studi di Modena e Reggio Emilia
bookTraditional course, Traditional course at Liceo Scientifico
languagesItalian, English
stackoverflow-logo

Stackoverflow

Stats
1reputation
0reached
0answers
0questions
github-logo-circle

Github Skills (17)

json10
apim10
computer-forensics10
python10
analyzer10
macros10
vba10
security10
api10
malware10
anti-malware10
parserator9
openxml9
parser9
incident-response9

Programming languages (13)

PowerShellC++CSSCGoHTMLTypeScriptShell

Github contributions (5)

github-logo-circle
decalage2/oletools

Jan 2020 - Sep 2020

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
Role in this project:
userSecurity Engineer
Contributions:2 reviews, 10 commits, 2 PRs in 8 months
Contributions summary:Matteo primarily contributed to the enhancement of the `olevba` tool, which is designed to analyze MS Office documents for security vulnerabilities. They added new methods for detecting and decrypting encrypted VBA files, extracting XLM macros from newer XLSM formats, and detecting template injection attempts within OpenXML files. Furthermore, they refined the tool's ability to identify suspicious keywords and adjusted command detections to reduce false positives, thereby improving the tool's accuracy in identifying malicious code.
extractionpythonforensicsms-officestorage
Cortex Analyzers Repository
Role in this project:
userBack-end Developer
Contributions:6 commits, 3 PRs, 7 comments in 5 months
Contributions summary:Matteo contributed to the development of analyzers for the Cortex platform, specifically focusing on integrating with external threat intelligence services like AbuseIPDB and Intezer Community. Their work involved writing Python code to interact with APIs, parse JSON responses, and generate reports. They also improved error handling and added templates for the analyzers, likely for reporting the analysis results within Cortex. The user demonstrates skills in API integration and the creation of tools for threat intelligence enrichment.
cortexpythoncyber-threat-intelligencedfirincident-response
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Matteo Lodi - Detection Engineer at The Honeynet Project