cr0hn

Since I was a child I loved technology. But I didn't have a computer until I was 15. I learned to program at my neighbourhood library with paper, a pen, and the C reference book. In my career, I was in the offensive and defensive part of the development. I destroyed and created software and systems and worked on hundreds of technologies, sometimes acting as CTO and other times as CISO.


I started my career as an ethical hacker and moved to the defender's side, little by little.

I have published more than 100 security tools and projects as Open Source. I did dozens of talks worldwide and wrote a networking security book (I'm writing another one).

I worked for top companies in different sectors: Startups, Insurance, Construction Companies, Software Companies, Banks, Governments, Telecommunications, Lawyers, or Internet Service Providers.

I am an expert in Python, REST API Security, and the security life cycle of software. I also have extensive experience and knowledge in software scalability, SecDevOps, automation, architecture design, or Cloud (AWS or Google Cloud, among others).

You can find more details of my career on my LinkedIn.

Popular repositories

  1. dockerscan Public

    Docker security analysis & hacking tools

    Python 1.3k 196

  2. vulnerable-node Public

    A very vulnerable web site written in NodeJS with the purpose of having a project with identified vulnerabilities to test the quality of security analyzer tools

    JavaScript 432 634

  3. aiotasks Public

    A Celery like task manager that distributes Asyncio coroutines

    Python 430 37

  4. nosqlinjection_wordlists Public

    This repository contains payloads to test NoSQL Injections

    339 69

  5. festin Public

    FestIn - Open S3 Bucket Scanner

    Python 223 31

  6. aiohttp-swagger Public

    Swagger API Documentation builder for aiohttp server

    JavaScript 185 80