$ whoami
Davide Virruso - z3er01. Security researcher working across application and hardware security, part of ZeroNvll. The work is finding and exploiting flaws in real-world products - web applications, network appliances, embedded systems - and taking them apart until the result holds up.
Quote
Break the code, make it a good deal.
What I do
- 0day research - auditing closed-source appliances and software for memory-safety, logic, and authentication flaws.
- Exploit development - turning bugs into reliable proof-of-concepts, from auth bypasses to remote code execution.
- Hardware & firmware - analysing embedded devices, extracting and reverse-engineering firmware images.
- Coordinated disclosure - working an issue through to a fix, then publishing the analysis once the patch ships.
Track record
ZeroNvll's published portfolio spans vendors including GFI Software, Cisco, Oracle, Check Point, and the Eclipse Foundation - disclosed CVEs with full analyses in the Research section.
I also operate on public bug bounty programs:
Get in touch
Contacts has the channels - and the PGP key for anything sensitive.