Cody Zacharias

Cody Zacharias
Cody Zacharias
	Add a Photo
Born	August 15, 1996; San Diego, California
Nationality	American
Other names	Xen
Citizenship	United States of America
Occupation	Security Analyst; Ethical Hacker; Developer; Entrepreneur; Inventor;
Years active	2016 - Present Day
Website	Official Website

Cody Zacharias (born August 15, 1996), also known as Xen, is an American ethical hacker, Information security analyst, developer, and entrepreneur. He is best known for his work with the now-defunct cyber security organization Project Insecurity. He is the founder of professional branding agency Xen^[1], and he is the inventor of the Twitter intelligence tool Twint.^[2]

Career

Cody Zacharias has been recognized and thanked by numerous companies such as AT&T^[3], VICE News^[4], RedHat^[5], Adobe^[6], Xfinity^[7], LastPass^[8],MYOB^[9], and Acquia^[10] for not only finding security vulnerabilities in their sites, but also for helping secure them.

Zacharias was a core-member of Project Insecurity, and in April 2018 with “Crackas With Attitude” hacker Kane Gamble released two exploits affecting live chat systems used by various financial corporations and internet service providers.^[11] The duo demonstrated that a malicious hacker is able to retrieve PII belonging to employees of the affected companies. Some of the affected companies included Google, PayPal, Bank of America, Verizon, Sony, Tesla, Kaspersky, AT&T, and many other large corporations.^[12]

In August 2018, Zacharias led the Project Insecurity team to release a series of critical exploits for OpenEMR, an electronic medical system.^[13] The security flaws discovered by Zacharias and the Project Insecurity team could have been leveraged by a malicious hacker to expose the personal information of more than 90 million people worldwide.^[14]

Since September 2018, Zacharias has worked for HackerOne, a bug bounty platform, as a security analyst.^[15]

In 2021, Zacharias founded the professional branding agency Xen.^[16]

Other Work

Twint

Zacharias is the inventor of the Twitter intelligence tool, Twint. Twint is used by data scientists, marketers, college professors, doctoral candidates, and threat intelligence researchers^[17]. In 2018, researchers at cyber security company ‘Trend Micro’ showcased Twint’s essential role in threat intelligence and effectively analyzing social media for disinformation during a presentation at the ‘Hack In The Box Security Conference’.^[18]

Subjack

In October 2017, Zacharias released the computer security tool Subjack, which has been used by cyber security professionals to prevent tens of thousands of cyber attacks.^[19] Subjack is used in Adobe’s “Project Hijack”, an internal Adobe project aimed to help avoid subdomain takeovers through continuously monitoring and identifying expired domains.^[20]

References

↑ "Detail by Entity Name".
↑ "twintproject/twint". April 20, 2020 – via GitHub.
↑ "AT&T Bug Bounty - Welcome". bugbounty.att.com.
↑ "VICE Responsible Disclosure Policy". Vice.
↑ "Vulnerability Acknowledgements for Red Hat online services". Red Hat Customer Portal.
↑ "HackerOne profile - codyzacharias".
↑ "Security Vulnerability Report". my.xfinity.com.
↑ "Cz on Bugcrowd".
↑ "Report Security Vulnerability".
↑ "Security | Acquia".
↑ "Mainstream Live Chat widgets leaking personal details of employees".
↑ "Live Chat Widgets Leak Employee Details from High-Profile Companies".
↑ "OpenEMR patches serious vulnerabilities uncovered by Project Insecurity".
↑ "Medical Records of 90 Million People Left Vulnerable to Critical Security Flaws".
↑ https://linkedin.com/in/codyzacharias
↑ "Cody Zacharias seeks to take his mindset, skills, and business acumen to other industries". 11 January 2021.
↑ "Hunting Threats on Twitter: How Social Media can be Used to Gather Actionable Threat Intelligence - Security News - Trend Micro USA". www.trendmicro.com.
↑ https://conference.hitb.org/files/hitbsecconf2018pek/materials/D2T1%20-%20Social%20Media%20Mining%20for%20Threat%20Intelligence%20-%20Fyodor%20Yarochkin.pdf
↑ https://ventsmagazine.com/2021/01/07/cody-zacharias-the-life-and-heroism-of-a-hacker/
↑ "Security @ Adobe | Help Avoid DNS Takeovers". Security @ Adobe.

External links

Add External links

This article "Cody Zacharias" is from Wikipedia. The list of its authors can be seen in its historical. Articles taken from Draft Namespace on Wikipedia could be accessed on Wikipedia's Draft Namespace.

[1] "Detail by Entity Name".

[2] "twintproject/twint". April 20, 2020 – via GitHub.

[3] "AT&T Bug Bounty - Welcome". bugbounty.att.com.

[4] "VICE Responsible Disclosure Policy". Vice.

[5] "Vulnerability Acknowledgements for Red Hat online services". Red Hat Customer Portal.

[6] "HackerOne profile - codyzacharias".

[7] "Security Vulnerability Report". my.xfinity.com.

[8] "Cz on Bugcrowd".

[9] "Report Security Vulnerability".

[10] "Security | Acquia".

[11] "Mainstream Live Chat widgets leaking personal details of employees".

[12] "Live Chat Widgets Leak Employee Details from High-Profile Companies".

[13] "OpenEMR patches serious vulnerabilities uncovered by Project Insecurity".

[14] "Medical Records of 90 Million People Left Vulnerable to Critical Security Flaws".

[15] ttps://linkedin.com/in/codyzacharias

[16] "Cody Zacharias seeks to take his mindset, skills, and business acumen to other industries". 11 January 2021.

[17] "Hunting Threats on Twitter: How Social Media can be Used to Gather Actionable Threat Intelligence - Security News - Trend Micro USA". www.trendmicro.com.

[18] ttps://conference.hitb.org/files/hitbsecconf2018pek/materials/D2T1%20-%20Social%20Media%20Mining%20for%20Threat%20Intelligence%20-%20Fyodor%20Yarochkin.pdf

[19] ttps://ventsmagazine.com/2021/01/07/cody-zacharias-the-life-and-heroism-of-a-hacker/

[20] "Security @ Adobe | Help Avoid DNS Takeovers". Security @ Adobe.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

[20]