Fotios (Fotis) Chantzis attended 1st Ilioupoli high school in Athens, Greece from 2002 to 2005. He then pursued a Master of Engineering (MEng) degree in Computer Engineering at the Computer Engineering and Informatics Department of the University of Patras in Greece from 2005 to 2012.
Fotios Chantzis has worked in various roles across multiple companies. He is currently working as a Security Engineer at OpenAI, where he has been since 2020, laying the foundation for a safe and secure Artificial General Intelligence (AGI).
Prior to his role at OpenAI, Chantzis worked as a Principal Information Security Engineer at Mayo Clinic from 2016, where he managed and conducted technical security assessments and vulnerability research on medical devices, clinical support systems, and critical healthcare infrastructure.
From 2015, Chantzis worked as an Ncrack Maintainer and Network Security Researcher at Nmap, where he has been a core member of the development team since 2009. He authored a video course on "Mastering Nmap" at Packt and has also authored a paper on exploiting the TCP Persist Timer, published in Phrack #66.
Chantzis has also held roles as a Computer Security Researcher at CENSUS S.A., an Information Security Engineer at Cyber Defence Directorate, Hellenic National Defense General Staff, and as a Co-founder, Cloud Engineer, and Software Engineer at PrimaVista and Lesspaper, where he developed back-end cloud infrastructure and Android application demos.
Chantzis is the author of "Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things", published in 2021. The book provides a comprehensive guide to hacking Internet-connected devices, drawing from the real-life exploits of five highly regarded IoT security researchers.
Fotios Chantzis (also known as Fotis Chantzis) is a Security Engineer at OpenAI where he has been working on laying the foundation for a safe and secure AGI. Chantzis has been working in the field of security engineering and research for several years, with experience in multiple companies and roles.
Chantzis received his high school education at 1st Ilioupoli high school in Athens, Greece from 2002 to 2005. He then pursued a Master of Engineering (MEng) degree in Computer Engineering at the Computer Engineering and Informatics Department of the University of Patras in Greece from 2005 to 2012. In addition to his formal education, Chantzis obtained various certifications, including:
Chantzis is currently working at OpenAI, where he has been since 2020. Prior to this, he worked as a Principal Information Security Engineer at the Mayo Clinic from 2016. At the Mayo Clinic, he managed and conducted technical security assessments on medical devices, clinical support systems, and critical healthcare infrastructure.
Chantzis has been a member of the core Nmap development team since 2009, when he wrote Ncrack under the mentorship of Gordon "Fyodor" Lyon, the original author of Nmap, during the Google Summer of Code. He later worked as a mentor for the Nmap project during the Google Summer of Code in 2016 and 2017. He has also authored a video course about Nmap, titled "Mastering Nmap".
Chantzis has also worked as a Computer Security Researcher at CENSUS S.A. from 2015, conducting manual security assessments and penetration tests for clients worldwide. He has experience in developing tools for the exploitation of special-purpose network protocols. Prior to this, Chantzis worked as an Information Security Engineer at the Cyber Defence Directorate, Hellenic National Defense General Staff.
Chantzis has also co-founded two companies, PrimaVista and Lesspaper, where he worked as a Cloud Engineer and Software Engineer, respectively. At PrimaVista, he developed back-end cloud infrastructure, and at Lesspaper, he developed Android application demos.
Chantzis has conducted research in the field of network security, including exploiting the TCP Persist Timer (published in Phrack #66) and inventing a stealthy port scanning attack by abusing XMPP. He has presented his work at notable security conferences, including DEF CON.
Chantzis has also co-authored a book, "Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things", which was published in March 2021. The book draws from the real-life exploits of five highly regarded IoT security researchers and provides a comprehensive guide to testing IoT systems, devices, and protocols to mitigate risk.
Highlights of Chantzis's work and his publications can be found on his website: https://sock-raw.org/. He is also active on Twitter under the handle @ithilgore.
Youtube Title: Network Exploitation of IOT Ecosystems Fotios Fotis Chantzis
Youtube Link: link
Youtube Channel Name: All Hacking Cons
Youtube Channel Link: https://www.youtube.com/@AllHackingCons
Network Exploitation of IOT Ecosystems Fotios Fotis Chantzis
Youtube Title: Practical IoT Hacking: Fireside Chat with Authors - Paulino Calderon, Fotios Chantzis, Lily Newman
Youtube Link: link
Youtube Channel Name: IoT Village
Youtube Channel Link: https://www.youtube.com/@IoTVillage
Practical IoT Hacking: Fireside Chat with Authors - Paulino Calderon, Fotios Chantzis, Lily Newman
Youtube Title: LayerOne 2019 - Network Exploitation of IOT Ecosystems (Fotios “Fotis” Chantzis)
Youtube Link: link
Youtube Channel Name: LayerOne Information Security Conference
Youtube Channel Link: https://www.youtube.com/@layerone_org
LayerOne 2019 - Network Exploitation of IOT Ecosystems (Fotios “Fotis” Chantzis)
Youtube Title: GrrCON 19 3 19 Network exploitation of IoT ecosystems Fotios ithilgore Chantzis
Youtube Link: link
Youtube Channel Name: Adrian Crenshaw
Youtube Channel Link: https://www.youtube.com/@irongeek
GrrCON 19 3 19 Network exploitation of IoT ecosystems Fotios ithilgore Chantzis
Youtube Title: Network Exploitation of IoT systems - Fotis Chantzis
Youtube Link: link
Youtube Channel Name: OWASP LATAM
Youtube Channel Link: https://www.youtube.com/@OWASPLATAM
Network Exploitation of IoT systems - Fotis Chantzis
Youtube Title: BSidesSF 2024 - LLMs at the Core: From Attention to Action in… (Fotis Chantzis, Paul McMillan)
Youtube Link: link
Youtube Channel Name: Security BSides San Francisco
Youtube Channel Link: https://www.youtube.com/@BSidesSF
BSidesSF 2024 - LLMs at the Core: From Attention to Action in... (Fotis Chantzis, Paul McMillan)
Youtube Title: IoT Hacking with Beau Woods and Paulino Calderon | 401 Access Denied Ep. 48
Youtube Link: link
Youtube Channel Name: Cybrary
Youtube Channel Link: https://www.youtube.com/@CybraryIt
IoT Hacking with Beau Woods and Paulino Calderon | 401 Access Denied Ep. 48
Youtube Title: The Etiology of Vulnerability Exploitation
Youtube Link: link
Youtube Channel Name: RSA Conference
Youtube Channel Link: https://www.youtube.com/@RSAConference
The Etiology of Vulnerability Exploitation
Youtube Title: "Smart Contract Security" - Evangelos Deirmentzoglou
Youtube Link: link
Youtube Channel Name: OWASP London
Youtube Channel Link: https://www.youtube.com/@OWASPLondon
"Smart Contract Security" - Evangelos Deirmentzoglou
Youtube Title: Why IOT has Huge Attack Surface - Pentesters and Researchers Rejoice
Youtube Link: link
Youtube Channel Name: Cristi Vlad
Youtube Channel Link: https://www.youtube.com/@CristiVladZ
Why IOT has Huge Attack Surface - Pentesters and Researchers Rejoice
Youtube Title: The Anatomy of an Exploit - Patricia Aas
Youtube Link: link
Youtube Channel Name: NDC Conferences
Youtube Channel Link: https://www.youtube.com/@NDC
The Anatomy of an Exploit - Patricia Aas
Youtube Title: DEF CON 25 BioHacking Village - Christopher Frenz - Standardizing Deployment Of Medical Devices
Youtube Link: link
Youtube Channel Name: DEFCONConference
Youtube Channel Link: https://www.youtube.com/@DEFCONConference
DEF CON 25 BioHacking Village - Christopher Frenz - Standardizing Deployment Of Medical Devices
Youtube Title: USENIX Security '17 - CAn’t Touch This…
Youtube Link: link
Youtube Channel Name: USENIX
Youtube Channel Link: https://www.youtube.com/@UsenixOrg
USENIX Security '17 - CAn’t Touch This...