Experience
Work Experience
InTheCyber Group
Red Team Operator | Penetration Tester
As part of the Red Team, I conduct adversary simulation and security assessments, covering both red teaming and penetration testing activities.
Red Teaming: Reconnaissance (OSINT), Social Engineering (phishing, vishing), Physical Security (badge cloning, access control bypass, covert implants for internal pivoting), Active Directory & Network Exploitation (initial access, lateral movement, privilege escalation)
Penetration Testing: Mobile & Web Application Security, Network & Infrastructure Security, Wireless Security
Red Teaming: Reconnaissance (OSINT), Social Engineering (phishing, vishing), Physical Security (badge cloning, access control bypass, covert implants for internal pivoting), Active Directory & Network Exploitation (initial access, lateral movement, privilege escalation)
Penetration Testing: Mobile & Web Application Security, Network & Infrastructure Security, Wireless Security
Communication Valley Reply
Red Team Operator | Penetration Tester
Red Team Leader
Led and presented security assessment activities, including red teaming and penetration testing of web, mobile, network, and IoT systems.
Red Team Member
Conducted penetration testing assessments across different security domains.
IoT Penetration Testing: Hardware security analysis (PCB inspection, UART, SPI, I²C, JTAG/SWD), Firmware extraction, reverse engineering, and debug interface analysis, Wireless and RF protocol security assessments (Wi-Fi, BLE, ZigBee, RFID, GSM/GPRS interception via SDR), Custom protocol analysis and proprietary communication testing
IT Penetration Testing: Mobile and Web Application Security, Network & Infrastructure Security
IoT Penetration Testing: Hardware security analysis (PCB inspection, UART, SPI, I²C, JTAG/SWD), Firmware extraction, reverse engineering, and debug interface analysis, Wireless and RF protocol security assessments (Wi-Fi, BLE, ZigBee, RFID, GSM/GPRS interception via SDR), Custom protocol analysis and proprietary communication testing
IT Penetration Testing: Mobile and Web Application Security, Network & Infrastructure Security
Security Analyst
Worked in the SKY Italia security team, focusing on Vulnerability Assessment, Web Application Penetration Testing, and Vulnerability Management (asset scanning, prioritization, remediation tracking).
Education
CyberChallenge.IT 2019
University of Perugia
National cybersecurity training program with theoretical lessons and hands-on challenges (Crypto, Pwn, Web, Forensics, Reversing, Boot2Root).
Master's Degree in Computer Science Engineering
La Sapienza – University of Rome
Thesis: "TrustyTerm 2.0: a Trusted Web-based SSH Client"
Secured an SSH-over-HTTPS Proxy architecture against data tampering on a compromised proxy by customizing OpenSSH and developing integrity verification tools.
Secured an SSH-over-HTTPS Proxy architecture against data tampering on a compromised proxy by customizing OpenSSH and developing integrity verification tools.
Bachelor's Degree in Computer Science Engineering
La Sapienza – University of Rome
Thesis: "Fill Bill, an e-commerce application"
Developed a Ruby on Rails web application with social login and API integrations (Google, Twitter, Facebook, eBay, Amazon).
Developed a Ruby on Rails web application with social login and API integrations (Google, Twitter, Facebook, eBay, Amazon).