Paolo Stagno

Director Of Research at Crowdfense

Abu Dhabi Emirate, United Arab Emirates
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Paolo Stagno is a director-level vulnerability researcher and exploit developer with 12 years of hands-on experience uncovering zero-days across Windows, enterprise apps, IoT and network infrastructure for clients ranging from top-tier banks to government customers. Formerly an elite researcher at Exodus Intelligence and now leading research at Crowdfense, he combines deep reverse-engineering and kernel/user-land exploitation expertise with practical threat intelligence and high-assurance compliance workflows. Paolo has discovered vulnerabilities in software from major tech vendors and contributes to open-source tooling such as the InQL GraphQL extension, where he enhanced introspection and template generation features. A prolific speaker and trainer in the global infosec community, he pairs offensive research rigor with a clear focus on producing actionable mitigations and exploit artifacts. Based in Abu Dhabi, he brings a rare mix of boutique consultancy experience and enterprise-scale zero-day program leadership.
code12 years of coding experience
job6 years of employment as a software developer
bookUniversity of Milan
bookPerito Industriale Capotecnico - Specializzazione Informatica, Perito Industriale Capotecnico - Specializzazione Informatica at Istituto Amedeo Avogadro
languagesItalian, English, Arabic
github-logo-circle

Github Skills (13)

graphql10
security-txt10
wpgraphql10
python10
security-scan10
wordpress-graphql10
security10
http-request9
security-scanner9
apidoc9
api9
penetration-testing8
burp8

Programming languages (10)

TypeScriptC#ShellC++CJavaScriptHTMLRuby

Github contributions (5)

github-logo-circle
doyensec/inql

Apr 2018 - Jul 2019

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
Role in this project:
userBack-end Developer & Security Engineer
Contributions:41 commits, 8 PRs, 30 pushes in 1 year 3 months
Contributions summary:Paolo primarily contributed to the development and improvement of a GraphQL introspection tool, which involved writing Python code to query GraphQL endpoints, parse responses, and generate documentation. They enhanced the tool's functionality by introducing features such as subscription type handling and template generation for queries, mutations, and subscriptions. Furthermore, the user addressed several bug fixes and syntax errors while also improving the overall documentation output and code readability.
security-auditsecurity-toolsburpsuitesecurityburp-extensions
VoidSec/voidsec

May 2021 - Nov 2022

Contributions:17 commits, 18 pushes, 1 branch in 1 year 6 months
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Paolo Stagno - Director Of Research at Crowdfense