My name is Alessio, and I’m an IT security enthusiast working as a Security Engineer.
I previously worked as a penetration tester in Milan where I conducted several activities against web and mobile applications, networks and infrastructures, and devices too (smartphones, laptops, printers, routers, etc).
I like to do security and vulnerability research, bug bounties and writing helpful tools to automate most of my work.
You can find my contacts at the end of this page and a quick summary of my main achievements right above.
- October 2018 - Become a Offensive Security Certified Professional (OSCP)
- July 2017 - Presented filewatcher for MacAdmins Meeting at the University of Utah
- CVE-2022-2903 - PHP Objection Injection in WordPress Plugin (NinjaForms).
- CVE-2018-20122 - Remote code execution in Fastweb FASTgate router.
- CVE-2018-17172 - Remote code execution in Xerox Altalink printer.
- CVE-2018-7064 - Cross-site scripting (XSS) Reflected in Aruba Instant web interface.
- CVE-2017-17663 - Buffer overflow in thttpd and mini_httpd web server.