Michele Orru' personal email
- Valid
Michele Orrù (@antisnatchor) is the lead core developer and “smart-minds-recruiter” for the BeEF project. He has a deep knowledge of programming in multiple lan- guages and paradigms, and is excited to apply this knowledge while reading and hacking code written by others. He is also the co-author of The Browser Hacker's Handbook published by Wiley (http://www.amazon.com/Browser-Hackers-Handbook-Wade-Alcorn/dp/1118662091/).Michele loves lateral thinking, black metal, and the communist utopia (there is still hope!). He also enjoys speaking and drinking at a multitude of hacking confer- ences, including CONFidence, DeepSec, Hacktivity, SecurityByte, AthCon, HackPra, OWASP AppSec USA, 44Con, EUSecWest, Ruxcon, and more we just can’t disclose.Besides having a grim passion for hacking and programming, he enjoys leaving his Mac alone, while fishing on saltwater and “praying” for Kubrick’s resurrection.Specialties: Web Application Security, Penetration Testing, Social Engineering, Red-team Engagements, Code Reviews, BeEF, Ruby/Java/JEE/Javascript development
-
Principal Security EngineerPersistent Security Industries Jul 2022 - Present -
Professional Freelancer404 - Not Found Jun 2017 - Jul 2022
-
Core DeveloperThe Beef Project Oct 2010 - Oct 2018As Web Application Security is one of my main research fields, I couldn't continue without being part of a good open source project. I was using BeEF from many years during pentests and security seminars, and now I'm proud to be part of the core development team. Thanks to Wade for inspiration on many things.Some of my work: - Thin/Rack/Sinatra migration, RESTful API, core architectural and code development; - coaching other people to delve in the BeEF core and/or modules and extensions development; - A number of extensions: Social Engineering, Evasion, Tunneling Proxy, XssRays, etc.. - A number of droppers (Java, Firefox) and other exploits - many enhancements, command modules and general bug fixing. -
Senior Security ConsultantFortconsult | Part Of Ncc Group Apr 2015 - Jun 2017Providing professional consulting services to clients in the following areas: - Application Penetration Testing, - Phishing and Social Engineering, - Source Code Analysis and Secure Architecture/Coding guidelines. -
Senior Security ConsultantTrustwave Spiderlabs Apr 2012 - Mar 2015London, United KingdomProviding professional consulting services to clients in the following areas: - Application Penetration Testing, - Source Code Analysis and Secure Architecture/Code guidelines, - Social Engineering, - Secure Development and Pentesting live trainings, - Internal Products Pentesting and Code Review. -
Penetration Testing SpecialistRoyal Bank Of Scotland Group Mar 2011 - Mar 2012Penetration testing of worldwide banking systems. Vulnerability research activities.Main Areas:- Web Application Security- Infrastructure/Web penetration tests and build reviews on *NIX/Linux/Windows- BeEF -
Writer And Beta-TesterHakin9 Nov 2006 - Feb 2011Writer and beta-tester (http://en.wikipedia.org/wiki/Hakin9) Official writer, reviewer and beta-tester of articles in english anditalian. I've written three articles by now:1. Introducion to Firewalls: from ISO/OSI stack to DMZ(published in english and italian)2. Gentoo Hardened: portare la sicurezza di Linux all'estremo(published in italian, November 2007);3. Sniffing SSL/TLS connections through fake certificate injection(published in english, January 2008).
-
Network And Security ManagerIntegratingweb May 2007 - Nov 2010Build a secure, reliable and powerful Linux based platform forIntegratingWeb with CentoOS 5. Admin and check regularly thehealth of the system.- Official developer of the OpenSource project Opentaps (www.opentaps.org), and contributor of Apache Ofbiz (security)- Implement and Manage the security of the web applications withAcegi Security and JAAS.- Threat Assesment and Penetration testing on the system and thewebsite.- Threat Assesment and Penetration Testing on the IT structure ofmiller.it (and his first product, streamit.it).Skills: Gentoo Hardened, Grsecurity, Sun AP, Glassfish, Jetty, Tomcat, Apache, Postgresql, Postfix, Cyrus-SASL, ProFTP, vsftp, Snort, Base, iptables, Cisco ASDM, tripwire, Nessus, hping, amap, Metasploit,Paros, Burp, Spring Security, JAAS.
-
Researcher And DeveloperInfn-Cnaf May 2009 - May 2010Researcher and Developer at INFN -CNAF (National Institute of Nuclear Phisycs, Bologna): - working with OGF-europe (www.ogfeurope.eu) on the OCCI cloud interface, and cloud computing use-cases collection - main Java developer of INFN-CNAF research on Cloud Computing (Spring, Hibernate, Restlet, Jetty, X.509, Kerberos, Shibboleth, Platform LSF, Xen/KVM, Eucalyptus) - penetration tester on some web application that monitor the Tier-1 Grid infrastructure (WMS monitor) -
Programmer And AnalystLogital S.P.A Nov 2008 - Apr 2009Managing software development in legacy products using Visual Basic 6 for the biggest Italian companies. Linux and Java reference person. Java development for Real time access control systems and Real Time media content distribution Bologna buses.
-
Penetration TesterMiller S.R.L Sep 2007 - Dec 2007I did some penetration tests on the network infrastructure, especially black box testing on mail and web servers, and on Flash applications.
-
Teaching Assistant In Computer Networks CourseUniversity Of Bergen Feb 2007 - May 2007Teaching assistant in the course of Computer Networks at HighTechnology Center. My work was help the students during labs withexercices and in-depth explanations about security topics relatedwith the course. -
System Administrator And Security EngineerDet Akademiske Kvarter Aug 2006 - Feb 2007System administrator and Security Engineer- Build a secure IDS server with FreeBSD and OpenBSD;- Penetration Testing of the remotely exposed servers and the eticketapplication [https://intern.kvarteret.no/ticket/] used by allthe students(700 c.a.).Skills: *BSD, Debian, arpwatch, Snort, Postgresql, pf, OpenLDAP,Apache, Exim, BIND, MySQL, Paros, nmap, amap, webscarab.
-
System Administrator And Security EngineerFantoft Studentboliger Network Group Sep 2006 - Nov 2006System administrator and Security EngineerHelp the Network Group to mitigate and prevent arpspoofing/sniffing into the Fantoft network, managing HP and Dlinkswitches with SNMP and implementing IDS sensors tostatically monitor the arp:IP association of main servers.Skills: OpenBSD, Snort, SnortSam, MySQL, iptables, Acid, dsniff,ettercap.
Michele Orru' Skills
Michele Orru' Education Details
-
Information Technology -
Information Technology
Frequently Asked Questions about Michele Orru'
What company does Michele Orru' work for?
Michele Orru' works for Persistent Security Industries
What is Michele Orru''s role at the current company?
Michele Orru''s current role is Phishing Connoisseur.
What is Michele Orru''s email address?
Michele Orru''s email address is an****@****ail.com
What schools did Michele Orru' attend?
Michele Orru' attended Alma Mater Studiorum – Università Di Bologna, University Of Bergen (Uib).
What are some of Michele Orru''s interests?
Michele Orru' has interest in Penetration Testing, Beef, Jee/ruby/javascript, Wafs, Reverse Engineering And Sca, Web Application Security.
What skills is Michele Orru' known for?
Michele Orru' has skills like Penetration Testing, Web Application Security, Computer Security, Java, Information Security, Linux, Ruby, Security, Network Security, Beef, Firewalls, Hacking.
Not the Michele Orru' you were looking for?
-
Michele. Orru
Italy -
-
-
Michele Orrù
Cagliari -
Free Chrome Extension
Find emails, phones & company data instantly
Aero Online
Your AI prospecting assistant
Select data to include:
0 records × $0.02 per record
Download 750 million emails and 100 million phone numbers
Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.
Start your free trial