Bernardo Damele


Bernardo Damele is a Principal Consultant with NCC Group where he specialises in enterprise security analysis and scenario-based penetration testing. He is also responsible for managing the technical training programme by developing methodologies and practical challenges and delivering in-depth technical workshops to the Security Testing division consultants. Before joining NCC, he has worked in consultancy and development roles at a number of IT security companies.

He has presented on web application, networks and database penetration testing at a number of conferences including Black Hat, Source and OWASP global gatherings. He is best known for being a developer of sqlmap, a popular offensive security open source tool to identify and exploit SQL injection vulnerabilities in web applications and assess and take-over database management systems.

Bernardo has presented at:

  • 44CON 2013 (workshop): How to assess and secure iOS apps