Hello World 👋!
I am Nicolò Vinci from Riva del Garda, Italy 🇮🇹. I have started to write on this personal blog to share about technical Offensive Security topics and I am going to use this blog as a tracker for my projects.
In my free time, I like working out or playing Padel 🎾. Travelling is my other big passion! I love visiting new places and getting in touch with different cultures. But, I always end up in warm countries close to the sea, because I enjoy doing Stand-Up Paddle (aka SUP) 🏄.
I am always free to share thoughts and experiences about any area within Cyber Security, so feel free to reach me out on LinkedIn, Discord or email.
Interests
I started my journey in Cyber Security configuring virtual firewalls for my networking university project. Then, I quickly discovered the Offensive world owning a CTF machine with the infamous Eternal Blue exploit. After that, I have never looked back and always pushed forward to learn more!
Right now, my main area of interest is Penetration Testing specifically Web Application and Active Directory. I have spent much time learning new exploitation techniques on PortSwigger Academy, TryHackMe and Hack the Box which I believe they are amazing platforms.
However, I would like to shift my focus more on Malware Development and Security Research in Windows environments or specific Web Application topics. Expect to read posts about me learning and struggling with new techologies!
Achievements and Certificates
In the last years, I have been able to obtain some relevant certificates such as OSCP, CRTP, PNPT, PT1, AWS CCP and Security+. All of them have strenghten my IT and Cyber Security background and methodology. I am going to pursue other certificates in future, because it is full of great materials out there and taking new exams help my professional growth.
Then, I began my journey in researching vulnerabilities outside work environment reviewing WordPress plugins source code. I found two stored Cross-Site Scripting which resulted in CVE-2024-2402 and CVE-2024-2404. Another achievement is CVE-2024-10126 which is related to a Local File Inclusion in the M-Files product. The last CVE I got assigned is CVE-2025-23363 and granted me to be in the Siemens Hall of Thanks!
So, I kinda started doing security research, but just for web vulnerabilities related. Now, I would like to deep dive into other areas and try to find something new.
Curriculum Vitae
More details about my professional career can be found on my Curriculum Vitae.