Christopher Dio Chavez
Christopher Dio Chavez brings over 25 years of expertise in both offensive and defensive cybersecurity practices, establishing himself as a distinguished figure in the field. With multiple certifications from leading cybersecurity vendors, Chris is not only an EC-Council Instructor (CEI) but also a PECB Certified Trainer, demonstrating his commitment to both professional excellence and teaching.
Chris has made invaluable contributions as a consultant, partnering with a wide array of private and government entities across the Philippines. His work spans information security, digital forensics, and incident response, with a proven track record of enhancing the security posture of organizations. As Chief Hacking and Defense Officer in the IT sector, he has played a pivotal role in defending and securing digital ecosystems.
A dedicated educator, Chris collaborates with EC-Council and PECB training centers in the Philippines to shape the next generation of cybersecurity professionals. His influence extends globally, as evidenced by his inclusion in the prestigious TryHackMe Worldwide Hall of Fame, where he ranks as the #1 cybersecurity professional in the Philippines and among the top 20 globally out of over 4 million members.
Chris’s diverse career spans industries such as gaming, technology, telecommunications, oil and gas, military defense, and intelligence. His international contributions also include co-developing a cybersecurity examination in collaboration with subject matter experts, sponsored by Prometric in London.
In 2025, Chris further solidified his local and international standing by speaking at the Australian Information Security Association (AISA), DEFCON, C0C0N, DICT CERTCON, BLACKHAT MEA 2025 Hacking Conference, sharing insights on advanced cyber defense strategies and threat intelligence.
With a passion for continuous innovation and a relentless commitment to securing digital ecosystems, Christopher Dio Chavez remains a driving force in cybersecurity, protecting critical infrastructures across multiple sectors.
Session
In an age where vulnerabilities are discovered daily and exploited faster than patches can be released, Python stands as the ultimate ally for defenders. This session takes you behind the scenes of building Toolshell, a next-generation SharePoint CVE scanner powered by Python that automates detection, analysis, and reporting of real-world vulnerabilities like CVE-2025-53770.
Attendees will learn how to:
1. Engineer an AI-assisted vulnerability scanner using modern Python libraries.
Build a config-driven detection engine with regex pattern matching, adaptive scoring, and SSL certificate analysis.
2. Transform raw scan results into beautiful HTML reports and structured datasets for security dashboards.
Apply defensive Python automation techniques to identify exposure safely before attackers do.
This talk blends cybersecurity and software craftsmanship, showing how Python empowers defenders to automate vulnerability discovery, accelerate incident response, and make threat detection transparent and reproducible. Whether you're a security analyst, developer, or DevSecOps enthusiast, you’ll walk away inspired to turn your scripts into battle-ready python security tool that protect real infrastructure.