Nicholas-Arcari/README.md

Nicholas Arcari


Cybersecurity

About Me

Computer Science graduate from the University of Parma, focused on cybersecurity. I build home labs, break things to understand how they work, and document everything I learn.

Hands-on experience with vulnerability assessment, SIEM deployment (Wazuh), network security monitoring, and Linux hardening. I approach security from both the offensive and defensive side.

Currently seeking junior cybersecurity analyst positions.

In Italian
Computer Science graduate from the University of Parma, with a focus on cybersecurity. I build labs, analyze systems to understand their vulnerabilities, and document everything I learn.

Hands-on experience in vulnerability assessment, SIEM deployment (Wazuh), network security monitoring, and Linux hardening. I approach security from both the offensive and the defensive side.

Currently looking for junior cybersecurity analyst positions.


📜 Certifications

| Certification | Status | Progress |
|---|---|---|
| Cisco CCNA (200-301) | 📖 Studying | |
| CompTIA Security+ (SY0-701) | 📋 Planned | |
| eJPT (eLearnSecurity) | 🎯 Next | - |
| BTL1 (Blue Team Level 1) | 🎯 Planned | - |

🔬 Featured Projects

Cybersecurity Labs
Full-stack cybersecurity training environment with 10 progressive modules - from OSINT reconnaissance and vulnerability scanning to web exploitation, privilege escalation, post-exploitation, and digital forensics. Each module follows the Kill Chain methodology and is mapped to the MITRE ATT&CK framework. Includes a complete VirtualBox lab topology, documented attack scenarios, and secure coding remediation. 50+ findings documented: 10+ Critical, 20 High, 10 Medium severity across web, system, and cloud attack surfaces.
Python, Bash, Docker, VirtualBox, MITRE ATT&CK

Security Home Lab
Real-world home security infrastructure built on a Raspberry Pi 5 (8GB RAM, NVMe SSD). Runs a full SOC-style stack: Wazuh SIEM for log collection and threat alerting, Cowrie SSH/Telnet honeypot for intrusion detection, WireGuard VPN for secure remote access, and Pi-hole for DNS-level filtering. Network hardened with VLAN segmentation, UFW firewall rules, and Fail2ban. All services containerized with Docker and managed through Portainer. Also serves as a secure NAS via OpenMediaVault.
Linux, Docker, Portainer, Wazuh, WireGuard, Pi-hole, Cowrie, OpenMediaVault

Tor Network Analysis
Comprehensive technical deep-dive into the Tor network - covering onion routing protocol mechanics, circuit cryptography (AES-128-CTR, ntor handshake), directory authority infrastructure, and bridge/relay configuration. Documents known attacks and defenses (traffic correlation, browser fingerprinting, DNS leaks), operational security best practices, and legal/ethical considerations. Includes 5 hands-on labs from basic setup to hidden service deployment, automation scripts, and 210+ automated validation checks.
Tor, Shell, Python, Proxychains, Network Security, OPSEC

Hardware Security Research
Security research and auditing of physical access control systems using Flipper Zero with Rogue Master firmware. Covers Sub-GHz radio signal capture and replay, NFC/RFID tag cloning and security assessment, infrared protocol analysis, and BadUSB payload development for authorized penetration testing. Explores GPIO integration and hardware hacking fundamentals.
Flipper Zero, C, Radio Protocols, NFC/RFID, GPIO, BadUSB

CTF Writeups
Collection of Capture The Flag writeups and walkthroughs - covering web exploitation, privilege escalation, forensics, cryptography, and reverse engineering challenges. Each writeup documents the full methodology: reconnaissance, vulnerability identification, exploitation, and lessons learned.
Python, Bash, Burp Suite, Wireshark, Ghidra

Detection Engineering
Library of custom detection rules across 4 major formats: Sigma (SIEM-agnostic), Yara (malware detection), Suricata (network IDS), and Wazuh (HIDS/SIEM). Rules organized by MITRE ATT&CK tactic - from credential access and lateral movement to exfiltration and C2 detection. Includes lab setup guides, Atomic Red Team test mappings, Kibana/Grafana dashboards, and CI/CD rule validation. Full ATT&CK Navigator coverage heatmaps.
Sigma, Yara, Suricata, Wazuh, ELK Stack, MITRE ATT&CK

SOC Toolkit
Modular SOC analyst toolkit with REST API backend (Python/FastAPI) and React frontend. Three integrated modules: Phishing Analyzer (email header analysis, URL/attachment scanning, automated verdict), Log Analyzer (SSH brute force, web logs, Windows events with geolocation and alerting), and IOC Extractor (extracts indicators from PDFs, emails, and raw text). Integrates with VirusTotal, AbuseIPDB, Shodan, URLScan.io, and AlienVault OTX. Exports to JSON, CSV, and PDF reports.
Python, FastAPI, React, Vite, Docker, VirusTotal API, SQLite


🛠 Core Toolkit

Tools I use regularly for security analysis, testing, and automation.

Full Skillset
| Area | Tools |
|---|---|
| Offensive Security | Metasploit, SQLMap, Hydra, John the Ripper, Hashcat, Gobuster, ffuf, Nikto, Nuclei, WPScan, Aircrack-ng, pwntools, LinPEAS |
| Defensive / SIEM | Splunk, Wazuh, Snort, Suricata, Nessus, OpenVAS, Grafana, Loki, Promtail |
| Networking & Recon | Cisco (CCNA), Wireshark, Nmap, Netcat, Shodan, Maltego, Tor |
| Development | Python, C, C++, Java, Bash, PowerShell, LaTeX |
| Cloud & Infrastructure | Docker, Kubernetes, AWS, Azure, GCP, Terraform, GitHub Actions, VMware, VirtualBox |
| Web Technologies | HTML/CSS, JavaScript, TypeScript, React, PHP, Laravel, Node.js, Nginx, Apache |
| OS | Kali Linux, Ubuntu, Debian, Windows, macOS, Raspberry Pi OS |

Popular repositories

  1. RaspberryPi (Public)

    Security home lab on Raspberry Pi 5 - Wazuh SIEM, Cowrie honeypot, WireGuard VPN, Pi-hole DNS filtering, VLAN segmentation, and NAS. Full SOC-style infrastructure, containerized with Docker

    Shell 2

  2. Nicholas-Arcari (Public)

    GitHub profile README - aspiring cybersecurity analyst, BSc in Computer Science, focused on vulnerability assessment, SIEM, and network security

    1

  3. tor-networking-guide (Public)

    Deep-dive technical documentation on Tor network architecture - circuit cryptography, onion routing protocols, OPSEC, traffic analysis attacks & defenses, and hands-on labs with 210+ automated vali…

    Shell 1

  4. cybersecurity-labs (Public)

    Offensive & defensive cybersecurity training lab - 10 modules from recon to digital forensics, mapped to MITRE ATT&CK with Kill Chain methodology. 50+ documented findings across web, system, and cl…

    Python 1

  5. FlipperZero-guide (Public)

    Hardware security research & auditing guide - Sub-GHz signal analysis, NFC/RFID security assessment, BadUSB automation, and infrared protocol exploration using Flipper Zero

    C 1

  6. portfolio-nicholas (Public)

    Personal portfolio website built with React and Vite - deployed on GitHub Pages

    JavaScript 1