Felipe Moniz Daragon has been researching Internet attacks since 1998 to help organizations develop secure applications. Felipe believes that signature-based detection, although still necessary, is not as effective as before in securing systems and has been mainly defending proactive technologies and the practice of vulnerability disclosure.
In the latest couple of years, he has specialized in web application security, and developed Syhunt Dynamic, a software suite for testing web applications against intruder attacks, Syhunt Code, and a number of security utilities, such as the Win32 Nmap GUI NmapW, Apache and IIS banner editing tools, worm removal tools (during the Nimda / Code Red outbreaks), a log analysis tool and the Apache/PHP Hardener. Felipe has been involved in projects in global and local organizations and has accumulated knowledge and experience in pen-testing web servers and web applications.
In an age that organizations worldwide want to expand their web presence, application security testing tools are becoming increasingly demanded. Continuous research is necessary in order to ensure that the databases developed are up-to-date on the latest attack techniques. The Syhunt security team currently performs this daunting task and has already been able to consolidate exploit information disclosed by hundreds of experienced bug hunters in the Syhunt suite.