He is the author of sqlninja (http://sqlninja.sf.net), an open source toolkit that has become a weapon of choice for penetration testers (and other less respectable folks) when exploiting SQL Injection on web applications based on SQL Server.

He is a contributing author of both editions of the book SQL Injection Attacks and Defense, published by Syngress, and a co-author of the OWASP Testing Guide. He has been invited as a speaker to several conferences, including SOURCE, EuSecWest, RSA, ShakaCon, AthCon and CONFidence, where he presented material on web exploitation and data exfiltration techniques.

He is currently based in London, enjoying its awful weather and crazy nightlife.

Alberto has presented at:

• 44CON 2014: Payment applications handle lots of money. No, really: lots of it.