whoami

Danilo Macrì

I bridge the gap between complex technical vulnerabilities and actionable business security. From deep-tissue network assessments to infrastructure hardening, I help you secure what matters most - without the jargon.
↗ Get in Touch → Learn More Download CV
scroll
About

Background

I am a Cybersecurity Specialist and certified eJPT pentester with a unique mission: making complex security simple.

With over 20 years of experience as a Linux power user, I help companies evaluate their security posture across networks, apps, and systems.

My background in high-pressure service management taught me that the best technical solution is useless if it isn’t communicated clearly. Whether I’m hardening a LAMP server or managing my Proxmox home lab, I focus on delivering actionable insights for technical and non-technical stakeholders alike.

profile.json
~cat profile.json
{
  "name": "Danilo Macrì",
  "role": "CyberSecurity Specialist",
  "cert": "eJPT",
  "focus": "Pen Testing",
  "location": "Italy",
  "status": "open to work"
}
Services

What I Do

Vulnerabilities
Assessments & Penetration Testing

A stress test for your digital infrastructure using eJPT methodology to identify security gaps before they are exploited.

  • Network Security: Evaluating internal and external network entry points.
  • Web Application Testing: Specialized assessments for custom apps, LAMP stacks, and WordPress environments.
  • Actionable Reporting: You won’t just get a list of bugs; you’ll get a roadmap for remediation tailored to your technical (or non-technical) team.
Hardening
Network, Systems & Website Hardening

Leverages 20+ years of Linux expertise to move organizations from default configurations to solid defensive postures.

  • Server Security: Auditing and securing LAMP stacks on Slackware/Debian/Ubuntu/RHEL environments.
  • Container & Virtualization Security: Securing Proxmox environments and Dockerized workflows to ensure isolation and least-privilege access.
  • System Automation: Custom Python and Bash scripting to automate security monitoring and routine maintenance.
Human Firewall
Security Awareness Training

Uses management background to translate technical concepts into practical staff training.

  • Executive Briefings: Explaining high-level risks and ROI on security investments to stakeholders.
  • Staff Workshops: Teaching non-technical teams how to spot phishing, manage passwords (using mnemonic techniques), and maintain “security hygiene.”
Security Check-ups
Small Business Security Assessments

Tailored for SMEs without dedicated IT departments.

  • Security Posture Review: A holistic look at your current tools, backup strategies, and password policies.
  • WordPress Hardening: Specialized security audits for WordPress sites, including plugin/theme code reviews to prevent SQL injections and XSS attacks.
Skills

Toolkit

Penetration Testing
MetasploitBurp SuitenmapSQLMap
Network Security
WiresharkTCP/IPFirewallsVPN
Linux / Kali
Kali LinuxBashPriv. Esc.File System
OSINT
MaltegoShodanRecon-ng
Scripting
PythonBashPowerShell
Web Security
OWASP Top 10XSSSQLiIDOR
Education

Academic Path

06/2025 – 01/2026
Master CyberSecurity Specialist
Epicode School of Technology

Highly technical Professional Master’s (250+ hours) specializing in dual-stack cybersecurity. I gained extensive experience in offensive security through system and web app penetration testing, while also mastering defensive operations by designing SOC workflows for vulnerability remediation and patch management.

  • Offensive Security (Red Teaming): Gained specialized expertise in full-stack penetration testing, encompassing systems, complex network architectures, and web applications. Developed a methodical approach to identifying vulnerabilities, exploiting weaknesses, and documenting security gaps.
  • Defensive Operations (Blue Teaming): Engineered and managed Security Operations Center (SOC) environments to monitor and defend critical infrastructure. Gained proficiency in vulnerability lifecycle management, including the deployment of patches and the implementation of robust mitigation strategies for both legacy systems and modern web applications.
2004
High School Diploma
IIS "Umberto Zanotti Bianco" — Marina di Gioiosa Jonica (RC)

Subject: Tourism

Grade: 77/100

Certifications

Credentials

Studying
BSCP
PortSwigger

Burp Suite Certified Professional — advanced web application penetration testing certification covering complex vulnerabilities and expert-level Burp Suite usage.

Issuer PortSwigger
Level Advanced
Type Practical
03/2026
eJPT
eJPT
eLearnSecurity · INE

eLearnSecurity Junior Penetration Tester — entry-level certification validating practical penetration testing skills: network analysis, exploitation, and professional reporting.

Issuer INE / eLS
Level Entry
Type Practical
Next Cert
In Progress…

Always learning, always leveling up. New certifications on the horizon.

Projects

My Work

sl(HACK)ware

sl(HACK)ware

Open Source pentesting · Slackware

SlackwarePentestingOpen SourceLinux

Open Source pentesting suite of programs packaged for Slackware GNU/Linux.

View Project
Password Generator

Password Generator

Python · GNU/Linux

PythonGNU/LinuxSecurity

A Python script that generates strong, easy to memorize passwords using random words from a dictionary file.

View Project

Next Project

Got an exciting idea? I'm always open to collaborating on something new. Let's build something great together.

Get in Touch
Contact

Let's Connect

Whether you have an opportunity, a security challenge, or just want to talk — my inbox is open.