Me

I started my career as a software developer. In my first experiences, I had the possibility to experiment with different technologies: web frontend programming languages (HTML5, CSS3, AngularJS, Javascript, JQuery), web backend programming languages (PHP, Java) and development of hybrid (Ionic, Cordova) and native (Android & IOS) mobile applications. Afterwards, I decided to dedicate my career to information security, focusing on penetration testing and security research: my daily job consists of making infrastructures and applications more secure by finding vulnerabilities and flaws and working as closely as possible with the developing team to fix them. I perform security assessments on different types of targets, ranging from web applications and mobile applications to infrastructures and IoT devices. I use a considerable part of my spare time to participate in bug bounties and perform freelance security research. I play CTFs with TheRomanXpl0it team.

Focus Area

I am focused on web applications/mobile applications penetration testing and web/mobile security research. I am fluent in Java, Python, PHP, C and Javascript. I love Android and Linux-based operating systems and strive to learn about their security. Recently, I am trying to get more skilled in binary analysis/exploitation and reverse engineering.

CVE & Bugs

As part of my freelance security research I found some CVEs in popular software and interesting bugs in top-level bug bounty programs

Halls of fame: Google, Facebook, Samsung, 1Password, Liferay, Adobe

CVEs: CVE-2018-13042, CVE-2019-6588, CVE-2018-18467, SVE-2018-13300, CVE-2019-16469

More info here

Industrial Experience

Core Penetration Tester @ Cobalt.io ~ February 2020 - NOW

Security Researcher @ Synack Red Team ~ September 2018 - NOW

Senior Security Consultant (Senior Penetration Tester) @ Accenture ~ May 2019 - February 2020

Threath and vulnerability management consultant and Penetration Tester @ DXC Technology ~ January 2018 - May 2019

Cyber Security Junior Consultant @ NTT Data ~ November 2016 - January 2018

Software Developer @ PC Cube ~ May 2016 - November 2016

Education

Master Of Science - Computer Science (Cyber-Security) @ Staffordshire University

Bachelor's Degree - Computer Engineering @ Università degli studi di Roma Tre ~ Dissertation: Mobile Applications Hacking

High School Diploma - Computer Specialization @ IISS J. VON NEUMANN ~ Ottista: got degree in four years instead of five years because of high marks

Certifications

OSCP

eMAPT

XRY

Cyberark Certified Delivery Engineer

Tenable TCSCE, Tenable TCNE, Tenable TCSA

TOEFL

Awards

Accenture Cybergame 2017 - Member of winner team

Best Team Award RoboCup 2013 - Eindhoven (international robotics competition)

Italian Champion 1st place Rome Cup 2013 (Italian robotics competition)