I started my career as a software developer. In my first experiences, I had the possibility to experiment with different technologies: web frontend programming languages (HTML5, CSS3, AngularJS, Javascript, JQuery), web backend programming languages (PHP, Java) and development of hybrid (Ionic, Cordova) and native (Android & IOS) mobile applications. Afterwards, I decided to dedicate my career to information security, focusing on penetration testing and security research: my daily job consists of making infrastructures and applications more secure by finding vulnerabilities and flaws and working as closely as possible with the developing team to fix them. I perform security assessments on different types of targets, ranging from web applications and mobile applications to infrastructures and IoT devices. I use a considerable part of my spare time to participate in bug bounties and perform freelance security research. I play CTFs with TheRomanXpl0it team and mhackeroni team.
Focus Area
I am focused on web applications/mobile applications penetration testing and web/mobile security research. I am fluent in Java, Python, PHP, C and Javascript. I love Android and Linux-based operating systems and strive to learn about their security. I also love web technologies and browsers. Recently, I am trying to get more skilled in binary analysis/exploitation and reverse engineering.
Security Research / Bugs / CVEs
As part of my freelance security research I found some CVEs in popular software and interesting bugs in top-level bug bounty programs
Industrial Experience
Founder @ SECUREM ~ Sep 2020 - NOW
Core Penetration Tester @ Cobalt.io ~ February 2020 - NOW
Security Researcher @ Synack Red Team ~ September 2018 - NOW
Senior Security Consultant (Senior Penetration Tester) @ Accenture ~ May 2019 - February 2020
Threath and vulnerability management consultant and Penetration Tester @ DXC Technology ~ January 2018 - May 2019
Cyber Security Junior Consultant @ NTT Data ~ November 2016 - January 2018
Software Developer @ PC Cube ~ May 2016 - November 2016
Education
Master Of Science - Computer Science (Cyber-Security) @ Staffordshire University ~ Dissertation: Side-channel attacks on Android APIs
Bachelor's Degree - Computer Engineering @ Università degli studi di Roma Tre ~ Dissertation: Mobile Applications Hacking
High School Diploma - Computer Specialization @ IISS J. VON NEUMANN ~ Ottista: got degree in four years instead of five years because of high marks
Certifications
OSCP
OSWE
eMAPT
XRY
Cyberark Certified Delivery Engineer
Tenable TCSCE, Tenable TCNE, Tenable TCSA
TOEFL
Awards
Black Hat USA 2020 Student Scholarship Winner
2020 Lausanne Synack HackerHangout Finalist
Accenture Cybergame 2017 - Member of winner team
Best Team Award RoboCup 2013 - Eindhoven (international robotics competition)
Italian Champion 1st place Rome Cup 2013 (Italian robotics competition)