fabionoth/README.md

👋 Hi, I’m Fabio N.

Sr. Application Security Engineer • CEH
Brazil · Web3 & AppSec · DevSecOps & Automation



🚀 About me

Security engineer with 10+ years across application security, penetration testing, and blockchain/Web3 auditing.
I build secure SDLCs, automate threat mitigation, and help dev teams ship safely.

  • Sr AppSec Engineer @ COFCO International — integrating DevSecOps on Azure, automating vulnerability remediation with logging/monitoring pipelines and code analysis.
  • Blockchain Security Auditor @ Hacken — research on Web3/DApps, code review, vulnerability analysis.
  • Past roles include AppSec/pentesting at Mercado Livre, Intuition Machines, TechBiz Forense Digital, and an earlier foundation in software engineering.

“Security is not a product, but a process.” — Bruce Schneier


🧰 Toolbelt

AppSec & Pentest: Burp Suite · OWASP ZAP · Metasploit · Nmap · Nikto · Fortify (SAST) · DAST
DevSecOps: Azure DevOps · CI/CD hardening · Code Scanning · Policy as Code · Ansible
Cloud/Infra & Ops: Linux (CentOS) · SIEM · Logging/Monitoring · Incident Response
Code: Python · Java · JavaScript · Flask · Git · HTML
Data: PostgreSQL · MySQL


🧪 What I like to work on

  • Threat modeling & secure design reviews
  • SAST/DAST/Secrets/Dependencies automation in CI
  • Web & mobile pentests, API security, OWASP Top 10
  • Web3/DApps code review, vuln research, PoCs
  • Developer enablement: fix-first guidance, guardrails, reusable templates

📌 Featured projects

  • Awesome Cyber Security — Curated list of security tools, libraries, docs, and resources.
    #security #appsec #pentest

  • Awesome Web3 Security — Curated resources for smart contracts and Web3 defense.
    #web3 #smartcontracts #dapps

Want a quick tour? Open an issue and I’ll add examples, sample PoCs, and walkthroughs.


🏅 Certifications & Education

  • CEH — Certified Ethical Hacker
  • CCNA (Intro to Networks)
  • B.Sc. in Computer Science — FAAFI
  • Courses: Web Application Intrusion Testing · OOP (Java) · JavaScript

🌐 Find me



🤝 How I can help

  • Set up or uplift secure SDLC and DevSecOps
  • Pentest & code review (Web, API, Mobile, Smart Contracts)
  • Threat modeling, security coaching, and playbooks

If you want to collaborate, open a discussion or reach out on LinkedIn.
Thanks for stopping by! ✨

Pinned

  1. awesome-cyber-security Public

    A collection of awesome software, libraries, documents, books, resources and cool stuff about security.

    1.7k 233

  2. awesome-web3-security Public

    A curated list of awesome Web3 Security.

    16 3

  3. zap-api Public

    Simple OWASP ZAP API that runs the spider and scanner against your web application.

    Python 12 3

  4. Guide to using db_nmap

    # Start postgres
    root@kali ~# systemctl start postgresql

    # Start metasploit database
    root@kali ~# msfdb init