About
My name is Luis Grangeia, and I’m an information security professional working in the field for about 15 years, mostly doing security audits and pen-tests.
I do information security auditing and testing to major portuguese and european companies (retail, banking, insurance, telcos). I sometimes speak about information security at conferences and meetings.
Some stuff that I put out there you might find interesting:
- Cupid, an implementation of the heartbleed attack for wireless networks, implemented as patches for hostapd and wpa_supplicant (slides here).
- I authored a Burp Suite extension to handle and inject inside AES encrypted payloads.
- I wrote the original paper for DNS Cache Snooping.
- In another millenium I’ve co-authored a phrack article that, among other things, implemented a covert TCP sniffer inside the Linux kernel.
All my recent slide decks are available on slideshare.net.
I’m mostly interested in security research, covering the usual topics:
- Operation System design models (trusted path computing, security models, etc.);
- Web Application security (lots of experience here…);
- Low level protocols design and implementation;
- Debugging & disassembling software & hardware;
- Mobility and embedded systems, Android/IOS, wearables, IoT;
- Futurology, new uses for technology, new forms of interaction.
You can find me on these places: