Xiaoran Wang is a Senior Product Security Engineer at salesforce.com. He has presented at several conferences such as Black Hat USA, Black Hat Asia, ToorCon, HackerHalted, etc. He is passionate about security, especially web application security. At work, he does architectural feature review for security, web penetration testing, security training, security automation, etc. In his personal time, he does security research in a variety of topics including exploit writing, malware analysis, vulnerability analysis, and tearing things apart. He has written many useful defensive tools as well. For example, he developed an add-on "Mixed Content Monitor" for Firefox to block and show the insecure resources loaded within https. He also developed "Process Injection Monitor" that does automatic malware analysis and extracts injected code to a binary when a malware process tries to inject itself into other processes. You may checkout his personal website at www.attacker-domain.com.
