I am a red teamer and an offensive automation engineer and developer with a focus on reporting tool kits. I believe that we always need to be looking for ways to teach others and we should never stop learning. That’s a wonderful cycle: always be teaching and always be learning. To that end, I try to volunteer. For the past ten years I have been involved in the FIRST LEGO League (FLL) program that encourages kids to pursue their interests in STEAM (Science, Technology, Engineering, Arts, and Mathematics). My wife and I started an NPO to fund a collection of Jr. FLL, FLL, and FRC (FIRST Robotics Competition) teams.
I spend most of my time thinking about technology and how it affects us all, primarily from a security angle. I try to be involved in security conferences and local groups as much as I can be. You can find me at #misec meetings and volunteering and speaking at conferences like BSides, Circle City Con, GrrCON, and DerbyCon.
Profiles and Portfolios
Twitter: @cmaddalena
GitHub: chrismaddalena
Keybase.io: @cmaddalena
Project Highlights
- ODIN : OSINT automation and reporting
- GhostManager : A collection of reporting tools
- Goreport : Reporting tool for Gophish
- Fox : Companion tool for BloodHound statistics
- Cooper : Webpage and email cloning tool for phishing campaigns
Certifications
- Offensive Security Certified Professional (OSCP), November 2015
- Offensive Security Certified Expert (OSCE), May 2017
Education
Bachelor of Science, Information Security and Intelligence
Ferris State University, Big Rapids, MI, May 2014
Concentration: Digital Forensics
Studied with a focus on the impact of security on developers and their users by looking at the video game industry’s password policies, support for two-factor authentication, and the industry’s history of security breaches and incident responses. Conducted independent research by interviewing developers and executives at companies like RIOT Games, Obsidian, and Amazon in an effort to better understand what these companies do to protect their tens of millions of user accounts and respond to threats and changes.