🇮🇹 Ciao,
sono Andrea Draghetti, aka Drego, sono nato e vivo a Bologna e sono un ricercatore di Sicurezza Informatica. Diplomato come Perito in Elettronica e Telecomunicazioni e Laureato in Sicurezza dei Sistemi e delle Reti Informatiche all’Università di Milano con una tesi sull’evoluzione del phishing.
Attualmente sono il responsabile del team di Threat Intelligence di D3Lab.
Questo è il mio blog personale dove parlo di informatica e non solo.
Podismo, Fotografia e Formula 1 sono sono i miei principali hobby. Sono un donatore di sangue e un forte sostenitore della lotta contro l’HIV.
🇬🇧 Hello,
I am Andrea Draghetti, aka Drego, I was born and live in Bologna and I am an IT Security researcher. I have a high school diploma in Electronics and Telecommunications and a bachelor degree in Computer Systems and Networks Security at the University of Milan with a thesis on the evolution of phishing.
I am currently the head of the D3Lab Threat Intelligence team.
This is my personal blog where I write about IT and more.
Running, Photography and Formula 1 are my main hobbies. I am a blood donor and a strong supporter of the fight against HIV.
Resume – Curriculum Vitae
You can download my resume here.
Projects:
- meioc (Mail Extractor IoC)
- htpw (.htaccess to protect WordPress)
- tosint (Telegram OSINT)
- Phishing Army
- Other minor projects visible on my GitHub profile.
Development:
- Python
- PHP
- Several other languages, but with less thorough knowledge.
Security Disclosure:
- 2021: ilPost: AWS Bucket Credentials Leaked and Information Disclosure
- 2019: Gruppo TIM: SQL Injection
- 2018: Gruppo TIM: Security Misconfiguration
- 2016: Telegram: Security Misconfiguration (SMTP Open Relay)
- 2016: Vodafone Station: Unauthenticated full router backend access
- 2015: iGyno: SQL Injection, Arbitrary File Upload/Delete, RCE and Remote Database Disclosure
- 2001: Multiple Italian Newspapers: Unauthenticated access to the online version of the newspapers
- Other disclosures on OpenBugBounty.
Publications: