About Lorenzo
Italian
Native or bilingual
English
Fluent
Experience
- Lorenzo FradeaniCybersecurity SpecialistDIGITAL AND ITJanuary 2023 - Today (3 years and 7 months)ItalyIndependent cybersecurity specialist focused on offensive security, vulnerability research, and security audits for web applications and AI systems.Verifiable results:– Public CVE on Patchstack (2026): Broken Access Control vulnerability identified in a widely used WordPress plugin (Eventin), CVSS 7.5 HIGH. The flaw lies in a public REST API endpoint exposing valid wp_rest nonces to unauthenticated visitors, with multiple controllers using the nonce as the sole authorization check. Validated by Patchstack and patched by the vendor.– Second vulnerability rated CVSS 8.3 HIGH in Snipe-IT (enterprise asset management system), currently under coordinated disclosure with MITRE.– Systematic white-box review applied to over 30 WordPress plugins and codebases, using a proprietary methodology focused on authorization logic, input handling, and trust boundaries.Excalibur — proprietary agentic offensive framework:Closed-source framework I have been building for autonomous security testing operations. Six orchestrated AI agents covering the full engagement lifecycle: reconnaissance, exploitation, evasion, command-and-control, and reporting. Real-time tactical dashboard, multi-operator C2 architecture, and a custom evasion engine. Demo available under NDA.Service offering for clients:– Web application penetration testing and white-box code review– Vulnerability research on custom and open-source codebases– Security audit of DNS configurations (SPF, DKIM, DMARC) and HTTP security headers– Hardening of publishing infrastructure (Cloudflare, WAF, security headers)– AI security: red-teaming of LLM-based applications, prompt injection assessment, agentic pipeline review
- Lorenzo FradeaniAI/ML EngineerDIGITAL AND ITJanuary 2024 - Today (2 years and 7 months)Carrara, MS, ItalyIndependent AI/ML engineer focused on building production-ready AI systems end-to-end: from model training to deployment, with a strong emphasis on reliability, maintainability, and security of the underlying pipeline.ALIVE — Real-time audio sentiment classifier (lead engineer):Custom AI system designed and built from scratch for welcome.covohotel.com, a technology studio for live performance. Operating as lead engineer on the project since 2024.– Audio classification model fine-tuned to 93.86% validation accuracy on a proprietary dataset of audience reactions– End-to-end ML pipeline with ONNX export, continual learning loop, and versioned dataset management– Multi-platform desktop application built with Tauri and a Rust backend, performing real-time inference on-device– Designed to drive generative visuals from the audience's emotional state during live performancesService offering for clients:– End-to-end design and development of custom AI applications, from data collection to production deployment– Fine-tuning of open-source language and audio models on proprietary datasets– RAG (Retrieval-Augmented Generation) systems for enterprise knowledge bases– Multi-step agentic workflows with tool use and orchestration– Production ML pipelines: training, ONNX export, on-device or server-side inference, monitoring– Technical advisory on AI architecture and tooling choices for early-stage productsStack: Python, PyTorch, HuggingFace, ONNX Runtime, FastAPI, LangChain, Tauri, Rust.Approach: I deliver projects that are built to last in production, not as demos. Every system I build includes proper evaluation harnesses, monitoring, and documentation that allow the client team to maintain and extend the work after handover.
Recommendations
Be the first to recommend Lorenzo
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Higher Technical Institute (ITS)2026
Certifications
- OSCP+OffSec