Romain Bentz is an IT security professional based in Paris with 11 years of hands-on experience in pentesting, Active Directory attacks, and low-level software security. He combines practitioner work at Login Sécurité with community impact as founder of Hackndo Labs, author of a French security blog, and organizer of meet-ups and events like Sigsegv. A frequent open-source contributor, Romain has enhanced prominent tools such as CrackMapExec and Snaffler—adding LSASS credential-dumping modules and refined detection rules for sensitive artifacts. He also teaches advanced pentesting courses and has written in-depth Kerberos and post-exploitation content for Hack The Box. Known for translating complex research into practical tools and tutorials, he often validates understanding by publishing reproducible code and write-ups. His background in engineering and a global travel sabbatical reflect both technical rigor and a broad cultural perspective.
11 years of coding experience
5 years of employment as a software developer
Engineer’s Degree, Informatique, Premier de promo, Engineer’s Degree, Informatique, Premier de promo at Ecole Centrale Paris
Engineer’s Degree, Travaux Publics, Engineer’s Degree, Travaux Publics at Ecole spéciale des Travaux publics, du Bâtiment et de l'Industrie
Contributions:22 releases, 12 reviews, 421 commits in 3 years
Contributions summary:Romain contributed to the development of a CrackMapExec (CME) module for extracting credentials from LSASS using Procdump and the lsassy tool. Their primary work involved implementing the CME module, incorporating the lsassy functionality to remotely dump and parse LSASS memory, and adding database integration to store extracted credentials. The user also made modifications to the setup.py file, indicating their involvement in integrating lsassy within the overall project and made improvements to identify the operating system.
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
Role in this project:
Security Engineer
Contributions:6 commits, 6 PRs, 2 comments in 1 year 2 months
Contributions summary:Romain primarily focused on enhancing the functionality of the security tool, Snaffler, by adding and modifying rules to identify sensitive information. They introduced rules to detect browser password databases from Firefox and Chrome, and added file content rules targeting sensitive strings found within these and other backup files. Moreover, they adjusted existing regex patterns and filename matching strategies to refine Snaffler's ability to detect potentially sensitive data.
haxsecuritycandydeliciouspentesting
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.