Some info about me


In brief

I have been into information security for several years now. My other passions are programming languages and network protocols. In more recent times I also got involved in computer forensics.

I have been a BackTrack developer since version 4.0 up to Kali version 1.0 (https://www.kali.org/).

Aside from technology and informatics, I like to explore many curious things: today's cutting edge innovation is often just the past rediscovered. So I am an avid reader, and for me a carefully chosen book is always a very appreciated gift.

I graduated from the University of L'Aquila (Università degli studi dell'Aquila) with a bachelor's degree in Computer Science (cum laude).


Publications and documents

Implementation of a compressor based on the Shannon's AEP theorem, Thesis for my Bachelor Degree, 23 July 2016.
Link: Copy on site

Single Process Parasite, appeared on Phrack n. 68, 14 April 2012.
Link: Copy on site

Exploting ARM Linux Systems An introduction, 31 January 2011
Link: Copy on site

Network manipulation in an Hex fashion An introduction to HexInject, September 2010
Link: http://hexinject.sourceforge.net/hexinject_introduction.pdf


Presentations

Si apre la frontiera del Phishing 3.0?, Gennaio 2010
Presented during Milan Security Summit 2010 (http://milano.securitysummit.it/)
Slides: sebug.net/paper/other/crossapp-present.pdf
Whitepaper: dl.packetstormsecurity.net/papers/general/crossapp-scripting.pdf


Tools and projects

Prolog-Talk, a natural language parser, second prize winner for the LISP In Summer competition of 2013.
Project page: https://github.com/crossbowerbt/prolog-talk/

GDB Python Utils, an utility library that provides additional functions to the standard GDB python scripting library. It also includes various tools, such as process communication sniffers and an in-memory fuzzer.
Project page: https://github.com/crossbowerbt/GDB-Python-Utils/

Hexinject, a versatile packet injector and sniffer, that provide a command-line framework for raw network access.
Project page: http://hexinject.sourceforge.net/

Complemento, a suite of security related network tools.
Project page: http://complemento.sourceforge.net/

Cymothoa, a stealth backdooring tool, that inject backdoor's shellcode into existing processes.
Project page: http://cymothoa.sourceforge.net/

Aranea, a fast and clean DNS spoofing tool, regular expressions based.
Project page: https://github.com/TigerSecurity/aranea

PassiveNetwork, a windows/linux graphical program (QT4), to manipulate and forward TCP connections.
Project page: https://github.com/TigerSecurity/PassiveNetwork

And some other scripts, patches and minor tools you can find on my github page...


Miscellanea

Various (Exploit-DB): https://www.exploit-db.com/author/?a=2926
Various (Packetstormsecurity): http://packetstormsecurity.org/search/?q=crossbower


Note for the potential customer/employer/partner:

I am interested in many things: some can be freely described, some are better kept hidden; some I remember, some I forgot.

One of the Myer-Briggs adepts said I live in intervals of time, and in intervals a lot can be accomplished (ever read Borges?).

So, if you have some idea or project to carry out and do not know if I have already some experience in that field, just contact me: the answer may surprise you.