From 7aed0eca7e62f6950cab85486d30b8f894f268c0 Mon Sep 17 00:00:00 2001 From: "Danilo M." Date: Thu, 26 Mar 2026 11:02:48 +0100 Subject: added new version of the danix.me hugo site, coauthored by claude-code --- data/certs.yaml | 34 ++++++++++++++++++++++++++++ data/contact.yaml | 23 +++++++++++++++++++ data/education.yaml | 31 ++++++++++++++++++++++++++ data/projects.yaml | 17 ++++++++++++++ data/services.yaml | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++++ data/skills.yaml | 35 +++++++++++++++++++++++++++++ 6 files changed, 204 insertions(+) create mode 100644 data/certs.yaml create mode 100644 data/contact.yaml create mode 100644 data/education.yaml create mode 100644 data/projects.yaml create mode 100644 data/services.yaml create mode 100644 data/skills.yaml (limited to 'data') diff --git a/data/certs.yaml b/data/certs.yaml new file mode 100644 index 0000000..aade9c7 --- /dev/null +++ b/data/certs.yaml @@ -0,0 +1,34 @@ +- badge: "fa-solid fa-shield-halved" + name: "BSCP" + issuer: "PortSwigger" + desc_en: "Burp Suite Certified Professional — advanced web application penetration testing certification covering complex vulnerabilities and expert-level Burp Suite usage." + desc_it: "Burp Suite Certified Professional — certificazione avanzata di penetration testing su applicazioni web, con focus su vulnerabilità complesse e uso esperto di Burp Suite." + issuer_val: "PortSwigger" + level_en: "Advanced" + level_it: "Avanzato" + type_en: "Practical" + type_it: "Pratica" + in_progress: true + placeholder: false + +- image: "/img/certs/ejpt_badge.png" + name: "eJPT" + issuer: "eLearnSecurity · INE" + desc_en: "eLearnSecurity Junior Penetration Tester — entry-level certification validating practical penetration testing skills: network analysis, exploitation, and professional reporting." + desc_it: "eLearnSecurity Junior Penetration Tester — certificazione entry-level che valida competenze pratiche di penetration testing: analisi di rete, sfruttamento di vulnerabilità e redazione di report professionali." + issuer_val: "INE / eLS" + level_en: "Entry" + level_it: "Base" + type_en: "Practical" + type_it: "Pratica" + date: "03/2026" + placeholder: false + +- badge: "fa-solid fa-plus" + name_en: "Next Cert" + name_it: "Prossima Cert." + issuer_en: "In Progress…" + issuer_it: "In corso…" + desc_en: "Always learning, always leveling up. New certifications on the horizon." + desc_it: "In costante formazione e crescita. Nuove certificazioni all'orizzonte." + placeholder: true diff --git a/data/contact.yaml b/data/contact.yaml new file mode 100644 index 0000000..d20756e --- /dev/null +++ b/data/contact.yaml @@ -0,0 +1,23 @@ +- icon: "fa-solid fa-envelope" + label: "Email" + email_user: "danilo.macri" + email_domain: "danix.me" + external: false + +- icon: "fa-brands fa-linkedin-in" + label: "LinkedIn" + value: "linkedin.com/in/danilo-macri-aka-danix" + href: "https://linkedin.com/in/danilo-macri-aka-danix" + external: true + +- icon: "fa-brands fa-github" + label: "GitHub" + value: "github.com/danixland" + href: "https://github.com/danixland" + external: true + +- icon: "fa-solid fa-flag" + label: "hackthebox" + value: "danix on HTB" + href: "https://profile.hackthebox.com/profile/019c9acf-058e-71a2-8680-bcee49bb3c31" + external: true diff --git a/data/education.yaml b/data/education.yaml new file mode 100644 index 0000000..7b0d38a --- /dev/null +++ b/data/education.yaml @@ -0,0 +1,31 @@ +- period: "06/2025 – 01/2026" + degree_en: "Master CyberSecurity Specialist" + degree_it: "Master CyberSecurity Specialist" + institution_en: "Epicode School of Technology" + institution_it: "Epicode School of Technology" + desc_en: |- + Highly technical Professional Master's (250+ hours) specializing in dual-stack cybersecurity. I gained extensive experience in offensive security through system and web app penetration testing, while also mastering defensive operations by designing SOC workflows for vulnerability remediation and patch management. + - Offensive Security (**Red Teaming**): Gained specialized expertise in full-stack penetration testing, encompassing systems, complex network architectures, and web applications. Developed a methodical approach to identifying vulnerabilities, exploiting weaknesses, and documenting security gaps. + - Defensive Operations (**Blue Teaming**): Engineered and managed Security Operations Center (SOC) environments to monitor and defend critical infrastructure. Gained proficiency in vulnerability lifecycle management, including the deployment of patches and the implementation of robust mitigation strategies for both legacy systems and modern web applications. + desc_it: |- + Master Professionale ad Alto Contenuto Tecnico (250+ ore) con specializzazione in Cybersecurity Dual-Stack. + + Ho maturato un'esperienza approfondita nella Offensive Security attraverso penetration test su sistemi e web app, consolidando al contempo le competenze in Defensive Operations tramite la progettazione di workflow SOC per la remediation delle vulnerabilità e il patch management. + - Offensive Security (**Red Team**): Competenza specialistica in penetration testing full-stack su sistemi, architetture di rete complesse e applicazioni web. Ho sviluppato un approccio metodico per identificare vulnerabilità, testare i punti deboli e documentare le falle di sicurezza. + - Defensive Operations (**Blue Team**): Progettazione e gestione di ambienti Security Operations Center (SOC) per il monitoraggio e la difesa di infrastrutture critiche. Esperienza avanzata nella gestione del ciclo di vita delle vulnerabilità, dall'implementazione delle patch alle strategie di mitigazione per sistemi legacy e moderne applicazioni web. + current: true + +- period: "2004" + degree_en: "High School Diploma" + degree_it: "Diploma di Maturità" + institution_en: "IIS \"Umberto Zanotti Bianco\" — Marina di Gioiosa Jonica (RC)" + institution_it: "IIS \"Umberto Zanotti Bianco\" — Marina di Gioiosa Jonica (RC)" + desc_en: | + Subject: Tourism + + Grade: 77/100 + desc_it: | + Indirizzo: Turismo + + Voto: 77/100 + current: false diff --git a/data/projects.yaml b/data/projects.yaml new file mode 100644 index 0000000..a88a126 --- /dev/null +++ b/data/projects.yaml @@ -0,0 +1,17 @@ +- title: "sl(HACK)ware" + subtitle_en: "Open Source pentesting · Slackware" + subtitle_it: "Pentesting open source · Slackware" + image: "/img/projects/sl-hack-ware.jpg" + desc_en: "Open Source pentesting suite of programs packaged for Slackware GNU/Linux." + desc_it: "Suite open source di programmi per pentesting pacchettizzati per Slackware GNU/Linux." + url: "https://github.com/danixland/Slackware-Pentesting-Suite" + tags: [Slackware, Pentesting, "Open Source", Linux] + +- title: "Password Generator" + subtitle_en: "Python · GNU/Linux" + subtitle_it: "Python · GNU/Linux" + image: "/img/projects/passgen_h.jpg" + desc_en: "A Python script that generates strong, easy to memorize passwords using random words from a dictionary file." + desc_it: "Uno script Python che genera password forti e facili da memorizzare usando parole casuali da un file dizionario." + url: "https://github.com/danixland/passgen" + tags: [Python, "GNU/Linux", Security] diff --git a/data/services.yaml b/data/services.yaml new file mode 100644 index 0000000..533b5d2 --- /dev/null +++ b/data/services.yaml @@ -0,0 +1,64 @@ +- icon: "fa-solid fa-bug" + title_en: "Vulnerabilities" + title_it: "Vulnerabilità" + subtitle_en: "Assessments & Penetration Testing" + subtitle_it: "Assessment & Penetration Testing" + desc_en: |- + A stress test for your digital infrastructure using eJPT methodology to identify security gaps before they are exploited. + - **Network Security**: Evaluating internal and external network entry points. + - **Web Application Testing**: Specialized assessments for custom apps, LAMP stacks, and WordPress environments. + - **Actionable Reporting**: You won't just get a list of bugs; you’ll get a roadmap for remediation tailored to your technical (or non-technical) team. + + desc_it: |- + Uno stress test per la tua infrastruttura digitale usando la metodologia eJPT per identificare falle di sicurezza prima che vengano sfruttate. + - **Network Security**: Valutazione dei punti di accesso alla rete, sia interni che esterni. + - **Web Application Testing**: Assessment specializzati per applicazioni custom, stack LAMP e ambienti WordPress. + - **Reportistica Applicabile**: Non riceverai un semplice elenco di bug, ma una vera tabella di marcia per la risoluzione dei problemi, pensata su misura per il tuo team (tecnico o meno). + +- icon: "fa-solid fa-shield" + title_en: "Hardening" + title_it: "Hardening" + subtitle_en: "Network, Systems & Website Hardening" + subtitle_it: "Hardening di Reti, Sistemi e Siti Web" + desc_en: |- + Leverages 20+ years of Linux expertise to move organizations from default configurations to solid defensive postures. + - **Server Security**: Auditing and securing LAMP stacks on Slackware/Debian/Ubuntu/RHEL environments. + - **Container & Virtualization Security**: Securing Proxmox environments and Dockerized workflows to ensure isolation and least-privilege access. + - **System Automation**: Custom Python and Bash scripting to automate security monitoring and routine maintenance. + + desc_it: |- + Sfrutta oltre 20 anni di esperienza con Linux per portare le organizzazioni da configurazioni predefinite a posture difensive solide. + - **Server Security**: Audit e messa in sicurezza di stack LAMP in ambienti Slackware, Debian, Ubuntu e RHEL. + - **Container & Virtualization Security**: Protezione di ambienti Proxmox e workflow Dockerizzati per garantire isolamento e accesso secondo il principio del *least-privilege*. + - **System Automation**: Scripting personalizzato in Python e Bash per automatizzare il monitoraggio della sicurezza e la manutenzione ordinaria. + +- icon: "fa-solid fa-chalkboard-user" + title_en: "Human Firewall" + title_it: "Firewall Umano" + subtitle_en: "Security Awareness Training" + subtitle_it: "Formazione sulla Sicurezza" + desc_en: |- + Uses management background to translate technical concepts into practical staff training. + - **Executive Briefings**: Explaining high-level risks and ROI on security investments to stakeholders. + - **Staff Workshops**: Teaching non-technical teams how to spot phishing, manage passwords (using mnemonic techniques), and maintain "security hygiene." + + desc_it: |- + Sfrutta l'esperienza manageriale per tradurre concetti tecnici in formazione pratica per il personale. + - **Executive Briefing**: Spiego agli stakeholder i rischi di alto livello e il ROI (ritorno sull'investimento) delle soluzioni di sicurezza. + - **Workshop per lo Staff**: Insegno ai team non tecnici come riconoscere il phishing, gestire le password (anche tramite tecniche mnemoniche) e mantenere una corretta 'igiene digitale'. + +- icon: "fa-solid fa-clipboard-check" + title_en: "Security Check-ups" + title_it: "Check-up di Sicurezza" + subtitle_en: "Small Business Security Assessments" + subtitle_it: "Assessment per Piccole Imprese" + desc_en: |- + Tailored for SMEs without dedicated IT departments. + - **Security Posture Review**: A holistic look at your current tools, backup strategies, and password policies. + - **WordPress Hardening**: Specialized security audits for WordPress sites, including plugin/theme code reviews to prevent SQL injections and XSS attacks. + + desc_it: |- + Pensato per le PMI senza un reparto IT dedicato. + - **Security Posture Review**: Un'analisi olistica dei tuoi strumenti attuali, delle strategie di backup e delle policy di gestione delle password. + - **WordPress Hardening**: Audit di sicurezza specializzati per siti WordPress, incluse revisioni del codice di plugin e temi per prevenire attacchi SQL injection e XSS. + diff --git a/data/skills.yaml b/data/skills.yaml new file mode 100644 index 0000000..cbb7b75 --- /dev/null +++ b/data/skills.yaml @@ -0,0 +1,35 @@ +- icon: "fa-solid fa-crosshairs" + name_en: "Penetration Testing" + name_it: "Penetration Testing" + level: 0.75 + tags: [Metasploit, "Burp Suite", nmap, SQLMap] + +- icon: "fa-solid fa-network-wired" + name_en: "Network Security" + name_it: "Sicurezza di Rete" + level: 0.68 + tags: [Wireshark, "TCP/IP", Firewalls, VPN] + +- icon: "fa-brands fa-linux" + name_en: "Linux / Kali" + name_it: "Linux / Kali" + level: 0.95 + tags: ["Kali Linux", Bash, "Priv. Esc.", "File System"] + +- icon: "fa-solid fa-user-secret" + name_en: "OSINT" + name_it: "OSINT" + level: 0.62 + tags: [Maltego, Shodan, Recon-ng] + +- icon: "fa-solid fa-terminal" + name_en: "Scripting" + name_it: "Scripting" + level: 0.85 + tags: [Python, Bash, PowerShell] + +- icon: "fa-solid fa-shield-halved" + name_en: "Web Security" + name_it: "Sicurezza Web" + level: 0.77 + tags: ["OWASP Top 10", XSS, SQLi, IDOR] -- cgit v1.2.3