Mattia Reggiani

Flying under the radar

Whoami

Offensive security enthusiast, graduated summa cum laude from a Master’s Degree in Information Security at the University of Milan, certified CCSAS (CREST Certified Simulated Attack Specialist), OSCP (Offensive Security Certified Professional), CCT Inf (CREST Certified Infrastructure Tester) and CEH (Certified Ethical Hacker).

I have been working for NCC Group as Principal security consultant, specialising in Adversary Simulation, Intelligence-led Red Teaming and Network Infrastructure Security. This has allowed me to have a wide view on information security issues and solutions, developing both a technical and a management-oriented point of view.

In my leisure time I use to do several sports, such as motorbike, kickboxing, snowboarding and surfing.

Public

Undisclosed

I have been working on different private projects focussing on offensive security (adversary simulation) using the following languages: Golang, C/C++ and C#.

Advisories

Conferences

  • AIEA (ISACA) Torino chapter – Web (in)security: le principali criticità delle web application nel 2015 – Torino, 24 Sept 2015
  • AIEA (ISACA) Milano chapter – Web (in)security: le principali criticità delle web application nel 2015 – Milano, 18 Sept 2015
  • HackNet Europe – Pwn HTML5 2 Own internal network – Berlino, 30 May 2015
  • LUG Filibusta – Sicurezza nel Social Networking: Sniffing del traffico HTTPS con Ettercap e SSL Strip – Crema, 21 May 2014
  • E-Privacy – Frontiere future e futuribili della Social Media Security – Firenze, 4 Apr 2014

Articles

  • Insider Threat: Tecniche di Exfiltration – ICT Security Magazine – 2018
  • A brief introduction to Forensic Readiness – InfoSec Institute – 2016
  • Purple Teaming: A Security-Testing Collaborative – InfoSec Institute – 2016
  • Writing an Effective Penetration Testing Report – PenTest Magazine – 2016
  • VoIP Call Modification – InfoSec Institute – 2016
  • Attacking WPA2 Enterprise – InfoSec Institute – 2015
  • Social media Security: introduzione teorica e possibile approccio – Ciberspazio e Diritto, n. 50, Mucchi Editore 2014

Contact Me