Skip to content
View bob-reis's full-sized avatar
🤔
Difícil é Aprender a Ler, o Resto está Escrito
🤔
Difícil é Aprender a Ler, o Resto está Escrito
17 followers · 71 following

Achievements

Achievement: Pair ExtraordinaireAchievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLO

Achievements

Achievement: Pair ExtraordinaireAchievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLO

Block or report bob-reis

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
bob-reis/README.md

🕶️ About Me (Def3nse style)

const bob = {
  alias: "Att4ck and Def3nse",
  focus: ["Secure Software Development", "Threat Modeling", "AppSec Automation", "Cybersec"],
  code: ["Python", "Go", "Bash", "C/C++", "Terraform", "YAML", "and more..."],
  devSecOps: ["SonarQube", "SAST/DAST", "Azure DevOps", "GitHub Actions", "GitLab CI"],
  threatModeling: ["OWASP Threat Dragon", "STRIDE", "MITRE ATT&CK"],
  philosophy: "Security is culture, not a checklist.",
  funFact: "Prefiro logs a PPTs e já automatizei até café ☕ (quase...)",
  effect phrase: "Difícil é aprenser a ler, o resto está escrito..."
}

💻 What I Do

# Investigação & Red Team
└─$ nmap -A target.corp
[+] Open ports found: 22/ssh, 443/https
[+] Weak cipher detected...

# Threat Modeling
└─$ curl -s threats.md
[+] Identifying misuse cases...
[+] Simulating insider attacks...
[+] Mapping STRIDE to OWASP Top 10...

# DevSecOps
└─$ cat pipeline.yml
stages:
  - build
  - test
  - sast
  - dast
  - deploy

🛡️ Skills & Tools

  • DevSecOps: Azure DevOps · GitHub Actions · GitLab CI · Terraform · Kustomize
  • Threat Modeling: OWASP Threat Dragon · STRIDE · LINDDUN · MITRE ATT&CK
  • AppSec: SAST · DAST · Secure Code Review · Secrets Detection
  • OSINT & CTI: OpenCTI · MISP · Maltego · EnumDNS · ThreatFox
  • Infra & Cloud: Kubernetes · Docker · Linux (Kali, Debian, Oracle, Azure, OCI)

📊 Coding Stats



🌐 Connect with me

Linkedin YouTube GitHub

Popular repositories Loading

  1. JS-Analysis JS-Analysis Public

    Python 8 3

  2. SafeSpray SafeSpray Public

    SafeSpray is a client-side tool for studies, awareness, and authorized authentication testing (pentest/OSINT/blue team). Everything runs in the browser: no data is sent to servers. The focus is edu…

    TypeScript 6 1

  3. agents-of-matrix agents-of-matrix Public

    Sua coletania de agentes para Claude.ai

    Shell 4

  4. matriz-maturidade matriz-maturidade Public

    Teste de Maturidade em Segurança da Informação

    JavaScript 2 1

  5. opencti-kubernetes opencti-kubernetes Public

    1

  6. Lamp-nginx-php7.4-MariaDB Lamp-nginx-php7.4-MariaDB Public

    Projects and containers examples

    Dockerfile