I am a PhD Student at the Sapienza University of Rome, working on Systems Security. My focus is applying Fuzzing and Program Analysis techniques to find and mitigate architectural and microarchitectural vulnerabilities.
I am also a passionate CTF player focusing on exploitation and reverse-engineering with TRX and mhackeroni teams.
Co-founder and current lead of the DEFCON Group in Rome.
Black Hat speaker and Pwnie Award winner:
PhD in Engineering in Computer Science (current), 2023
Sapienza University of Rome
MSc in Engineering in Computer Science, 2019
Sapienza University of Rome
BSc in Engineering in Computer Science, 2017
Sapienza University of Rome
The first dynamic analysis framework for CPU microcode. Pwnie Award for Most Innovative Research
A compiler-based system to automatically harden programs against microarchitectural side channels.
Ghidra Processor Module to disassemble and decompile x86 Intel Atom microcode.
use-after-free in the Linux kernel | |
information disclosure in Intel CPUs (ÆPIC Leak) | |
undefined behavior in protobuf-c |
|
DoS in solidity compiler |
|
integer overflow vulnerability in Harfbuzz |
|
undefined behavior in lzrip |
|
DoS in njs |
|
undefined behavior in stb |
|
invalid free in lrzip |
|
use-after-free in stb |
|
integer overflow vulnerability in stb |
|
DoS in matio |
|
integer overflow vulnerability in FFmpeg |
|
timing side-channel vulnerability in wolfSSL |