Skip to content

Valdenio Marinho A.K.A. "0xrh0d4m1n"

Independent Cybersecurity Researcher

🧭 Executive Summary

Passionate about cybersecurity, my fascination with hacking began in my youth and has remained a constant drive throughout my career. My journey started with an electrical engineering background, where I acquired a solid foundation in electronics and microcontrollers. Embracing the typical greatest IT minds path and following the path of many IT pioneers, I left academia to carve out my own path, a decision fueled by a desire to apply the robust knowledge base I had acquired. This led me to web development.

Transitioning into web development, I rapidly evolved into a Full Stack Web Developer, a transformation made possible by the unwavering and invaluable support of great mentors around the world. My curiosity soon led me to the cutting-edge technology of blockchain and NFTs, where I was actively involved in innovative projects. However, it was the intricate and dynamic field of cybersecurity that truly captivated me, prompting a deep dive into cryptography and a range of security disciplines.

I have completed top-tier courses on leading cybersecurity platforms, staying ahead of industry trends and mastering the most current practices. My education has been greatly enhanced by hands-on experience in advanced labs, where I've tackled real-world scenarios to hone my skills. Additionally, I have extensively practiced advanced bug bounty hunting techniques, participating in numerous platforms worldwide. This comprehensive, practical experience has not only broadened my technical expertise but also instilled a profound appreciation for the ever-evolving landscape of knowledge in cybersecurity. I am committed to continuing this exhilarating journey, always learning, always adapting, and always pushing the boundaries of what's possible in the digital world. Today, I stand with a profound understanding of cybersecurity, shaped by extensive practice and the humility gained from the Dunning-Kruger effect. I am eager to continue this journey, constantly expanding my knowledge and expertise.

🧰 Skills & Expertise

Technical Skills

  • Penetration Testing

    Simulating cyber attacks to identify and exploit security vulnerabilities.

  • Risk Assessment

    Evaluating and prioritizing potential risks to minimize the impact.

  • Vulnerability Assessment

    Systematically identifying and quantifying security vulnerabilities in systems.

  • Security Operations

    Overseeing and maintaining a secure operational computing environment.

  • Incident Response

    Effectively managing and mitigating cyber incidents to minimize damage and recovery time.

  • Cyber Threat Intel

    Analyzing and interpreting information about potential cyber threats to prevent attacks.

Programming Languages

  • Nim

    I'm still exploring new languages like Nim, trying to adeptly leverage Nim's efficiency and expressive syntax to craft secure, high-performance applications with a focus on cybersecurity tooling.

  • JavaScript

    My JavaScript expertise come from a long time, my background as developer made me possible to perform penetration testing on web applications, identifying and exploiting client-side vulnerabilities.

  • Python

    My Python skills are honed for scripting powerful cybersecurity tools and also automating complex security tasks.

  • Shell Script

    I'm constantly using ShellScript for automating security processes and orchestrating system-level tasks on Unix/Linux platforms.

  • Rust

    With my proficiency in Rust, I delve into low-level programming to create my own high-performance cybersecurity tools.

  • Assembly

    My knowledge of Assembly allows me to perform meticulous analysis and reverse engineering of malware through tools like Ghidra.

Tools & Technologies

  • Burp Suite

    Skilled in utilizing Burp Suite for comprehensive web application security testing and uncovering critical vulnerabilities.

  • OWASP Zed Attack Proxy

    Proficient with OWASP ZAP for automated security scanning and targeted manual testing of web apps.

  • Greenbone OpenVAS

    Experienced in deploying OpenVAS to scan and evaluate the security of network services and systems.

  • Tenable Nessus

    Well-versed in using Nessus to identify a wide range of vulnerabilities and security issues within company infrastructure.

  • Qualys, Inc.

    Adept at leveraging Qualys for vulnerability management and securing web applications and cloud environments.

  • Rapid7 Metasploit

    Knowledgeable in applying Metasploit for developing and executing exploit code to assess network defenses.

  • Nmap

    Capable of conducting advanced network discovery and security auditing with Nmap to reveal potential vulnerabilities.

  • Wireshark

    Experienced in packet analysis with Wireshark, monitoring and diagnosing network traffic for security investigations.

  • Ghidra

    Utilize Ghidra for reverse engineering, dissecting malicious code to understand and mitigate attack vectors.

πŸ“œ Certifications

Cybrary

  • Offensive Penetration Testing

  • Advanced Penetration Testing

  • Penetration Testing

  • Penetration Testing & Ethical Hacking

  • OWASP TOP 10

  • CompTIA Security+

  • Cyber Kill Chain Framework

  • MITRE ATT&CK Framework

  • Security Operations Analyst (SOC)

  • CompTIA Linux+

  • System Administrator

  • CompTIA A+

TCM Security

  • Web Application Penetration Testing

  • API Hacking

  • Ethical Hacking

  • Movement, Pivoting, Persistence

  • Privilege Escalation Windows

  • Privilege Escalation Linux

  • External Pentest Playbook

  • Governance, Risk and Compliance

  • Open Source Intelligence (OSINT)

Try Hack Me

  • Offensive Pentest

  • CompTIA Pentest+

  • JR Pentest

Other

  • Fortinet Network Security Level 3

  • Fortinet Network Security Level 2

  • Fortinet Network Security Level 1

  • API Penetration Testing

  • EC Council Master OSINT

  • EC Council Reconnaissance

πŸ’Ό Professional Experience

  • HackerOne

    Independent Cyber Security Researcher

    Remote

    2023 - Present

    • Successfully identified and reported a significant security vulnerability through HackerOne's Bug Bounty Program.
    • Conducted thorough vulnerability assessments and penetration testing on a variety of web applications to uncover security issues.
    • Maintained up-to-date knowledge of the latest cybersecurity threats and trends.
    • Collaborated with security teams to responsibly disclose vulnerabilities.
    • Honed skills by using a good variety of cybersecurity tools.
    • Practiced many methodologies to conduct security assessments.

Education

  • B.Tech in Cybersecurity

    University X

    2023 - 2026

    • Actively involved in cybersecurity research projects and student-led initiatives.
    • Strong foundation in network security, cryptography, and ethical hacking principles.

  • Electrical Engineering

    University Z

    2014 - 2016

    • Gained proficiency in programming languages (e.g., C, Python) for embedded systems design and automation tasks.
    • Developed problem-solving and analytical skills, providing a solid base for cybersecurity work.

πŸ“¦ Projects

  • 0xh3x73rs Team

    Founding Member

    2023 - 2024

    • Co-founded a bug bounty team, demonstrating leadership and initiative in the cybersecurity field.
    • Collaborated with team members to identify and report vulnerabilities in various web applications.
    • Contributed to the successful identification of significant security flaws.
    • Developed expertise in vulnerability research and reporting methodologies.

πŸ† Achievements

  • ⭐ 1st Place - CTF Hacker Talent of the Month (HackerOne)

  • ⭐ Top 1% - Hacker Rankings (TryHackMe)

πŸ’¬ Languages

  • πŸ‡ΊπŸ‡Έ English: Fluent

  • πŸ‡§πŸ‡· Portuguese: Fluent

  • πŸ‡ͺπŸ‡Έ Spanish: Conversational

⬇ Download Resume

If you want to save my resume, you can download it below, feel free to contact me any time!

Save My Resume