Vitor Fernandes

Research Scientist at Bug Bounty

Paraíba, Brazil
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

👤
Senior
🎓
Top School
Vitor Fernandes is a research scientist and offensive security professional with nine years of experience specializing in vulnerability analysis and defensive measures. He blends blockchain security research across EVM (Solidity), Substrate (Rust/ink!), Near Protocol (Rust) and Radix (Scrypto) with traditional web application hardening. His open-source work includes hands-on contributions to Globocom’s secDevLabs, implementing realistic NoSQL injection scenarios and securing full-stack applications to help train developers. Based in Paraíba, Brazil, Vitor holds a Bachelor's in Information Systems from Universidade Federal da Paraíba and pairs academic grounding with practical labs and tooling that make complex vulnerabilities teachable. He’s equally comfortable auditing smart contracts and shoring up backend systems, often surfacing subtle attack vectors that teams initially overlook.
code9 years of coding experience
bookBachelor’s Degree, Information Systems, Bachelor’s Degree, Information Systems at Universidade Federal da Paraíba
languagesPortuguese, English
github-logo-circle

Github Skills (13)

security10
nodejs10
develop10
mongodb10
vulnerability10
mongodb-database10
expressjs9
javascript9
bash7
docker6
python6
dockers6
tornado5

Programming languages (5)

TypeScriptJavaJavaScriptPHPPython

Github contributions (5)

github-logo-circle
globocom/secDevLabs

Oct 2019 - Oct 2019

A laboratory for learning secure web and mobile development in a practical manner.
Role in this project:
userBack-end & Security Engineer
Contributions:23 commits, 2 PRs, 14 comments in 15 days
Contributions summary:Vitor's primary contributions involve developing and securing web applications within the context of learning secure web and mobile development. They implemented a NoSQL injection vulnerability app, including setup and validation scripts. The user also made changes to the application's back-end (app.js, db.js), which involved integrating MongoDB, implementing login/register functionality, and managing environment variables. Additional contributions included modifications to the application's front-end and deployment configurations, further highlighting a focus on full-stack development and security.
securelaboratorysecuritymobile-developmentvulnerabilities
vitor-fernandes/exploits

Jul 2018 - Dec 2021

Contributions:17 commits, 15 pushes, 1 branch in 3 years 4 months
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Vitor Fernandes - Research Scientist at Bug Bounty