Luca Morini

• Web Application Penetration Testing
• Mobile Application Penetration Testing
• Infrastructural Penetration Testing
• External Penetration Testing
• Wi-Fi Penetration Testing
• Cloud Penetration Testing
• Open Source Information Gathering
• Phishing Campaigns
• Vulnerability Assessments
• Web Application Scanning
  
• System Administrator
• Automation developer
• Pentesters Trainer

Products knowledge:

• Fortinet
• PhisingBox

Extern at:

Boehringer Ingelheim as SOC Operator LV2:

• Ticket solving
• Vulnerability Managements
• Vulnerability Assessments
• Automation development
• Forensics analysis

Internal:

Penetration Tester

• WiFi Assessments
• Web Application Penetration Test
• Vulnerability Analysis

Products Knowledge:

• PaloAlto Firewall
• QRadar
• Microsoft ATP
• F5 Load Balancer
• ServiceNow
• Qualys

• Vulnerability Assessment
• Infrastructural Penetration Testing
• Web Application Penetration Testing
• Mobile Applications Penetration Testing (iOS / Android)
• Static Code Analysis

Product Knowledge:

• Fortify

• Vulnerability Assessment
• Penetration testing
• VAPT Trainer
• Open Source Information Gathering

Products Knowledge:

• Nessus
• Spiderfoot
• Maltego

Intern as Pentester:

Vulnerability Assessment

Penetration testing

• Infrastructural
• Web Applications
• Mobile (Android / iOS)
• ATM and POS
• WiFi Assessment
• Phishing / USB baiting Campaigns
• Social Engineering

Extern at:

Terna spa as Security Consultant:

• Vulnerability Assessment
• Penetration Tests
• System engineer

Italian Minister of foreign affairs as SOC Operator LV2:

• Firewall Manage
• Antispam Manage
• Load Balancer Manage
• Forensics Analysis

Product knowledge:

• Nessus
• OpenVAS
• Nexpose
• kali
• metasploit
• Alfa Network cards
• OWASP ZAP
• BurpSuite
• PaloAlto
• CheckPoint
• Fortinet
• IronPort
• F5 Load Balancer
• Archsite
• Celebrite
• GoPhish

Extern at:

ACEA as Security operation center (SOC) LV1 - Blue Team:

• Networking
• Firewalling
• Implementation of security policies
• Automation development
• Tickets solving
• Creation of VPN IPsec tunnels
• Network traffic analysis (log firewall / SIEM / log proxy)
• Event correlation and analysis
• Active Directory Manage
• AntiSpam Manage
• Proxy Manage
• SSL VPN Manage

Sogei as pentester - Red team:

• Penetration testing
• WAF manage

Consip as Code Analyst:

• Static code analysis

Products knowledge:

• Remedy
• SIEM RSA
• Juniper Firewall
• PaloAlto Firewall
• CISCO ASA Firewall
• Forcepoint Proxy
• Symantec AntiSpam
• Tufin
• Pulse Secure SSL VPN
• Cisco AnyConnect SSL VPN
• Positive Technologies code analyzer
• Positive Technologies WAF

Developing of web sites and web applications using:

• HTML5, PHP, CSS3, JavaScript, jQuery, MySQL, Python, Java

Advanced competencies of:

• GNU/Linux, UNIX, Windows, Mac OSX
• Bash, batch, Python

• Some penetration tests following the OSCP methodology

Extern at:

Lamborghini spa as HelpDesk operator lv 1

• Asset management
• Ticket solving
• Active Directory Manage
• Security Policies Management
• IMAC Rollout

CRIF spa as Document Writer

• Drafting of technical documentation

Product knowledge:

• Remedy
• Active Directory
• E-Policy Orchestrator (McAfee)
• Office Suite

System Integrator:

• Manage of virtual machines over Amazon EC2
• Installation and maintenance of LAMP (Linux Apache MySQL PHP) servers
• Creation of websites using wordpress/Joomla CMS or HTML5, CSS3, PHP and JavaScript
• Onsite assistance at the customer or at the datacenters
• Creation of bash / python scripts in order to automate the productive process
• Manage of Synology Backup Systems

Computer Technician:

• Hardware and software repairs over PC, smartphone and Tablets
• Specialized on iPhone hardware repairs
• Virus cleaning from infected systems
• HardDisk migration from SATA to SSD
• Formatting of Windows or installing Linux
• Analog to digital conversion