JonLuca De Caro

About

Hi! I'm JonLuca De Caro. I was born and raised in Vicenza, Italy, and moved to California in 2014. I studied Computer Science at the Viterbi School of Engineering, at USC. I'll be working at Apple as a Security Engineer starting in May 2018. Over the summer of 2017, I worked for Deloitte as a Cyber Security Specialist.

I enjoyed being an active member of the USC community, with a focus on tech and entertainment:

• Ex-President of Scope, USC's software engineering club
• Ex-Project Manager at Code the Change, an organization dedicated to providing free software for non-profits
• Organizer of Los Angeles' GitHub Field Day, a regional unconference for leaders of technical student communities
• Senior Producer of TrojanArcade, USC's gaming and entertainment news tv show
• E-Board of USC IMAX Club, where we host screenings of movies with cast members, directors, and other guests involved with the film at the Zemeckis center
• Member of Lavalab, USC's premier startup incubator
• Member of CAIS++, the Center for AI in Society.
• Course Producer for CSCI 201, Principles of Software Development and CSCI 356, Computer Systems - I've created and managed automation tools, assignments, and various servers to aid in the running of the class. Other duties include holding office hours, answer online questions, and writing scripts to detect cheating.
• Consultant at USC Entertainment Technology Consortium, an organization that brings together senior executives from the entertainment and technology industries with academic faculty and researchers to address topics related to the creation of entertainment content

Education

• University of Southern California - 2018, B.Sc., Computer Science and Cybersecurity
• Massachusett's Institute of Technology - 2013, Research, Graph Theory

Work

I am a developer and security researcher - you can find most of my work on GitHub. I have built production-ready applications in a variety of languages and mediums. I have a focus on security work - I do freelance penetration testing and bug bounties, specifically for webapps and network security. My PGP public key can be found here.

USC

• Code the Change - I'm the Project Manager for Code the Change's LA Mayor's Project. We have partnered with the city of Los Angeles to help add functionality to the Mayor's Dashboard, a site that provides useful metrics to gauge current progress of the Mayor's initiatives.


• Scope - As Managing Director of Scope, I've tried to foster a community a some of the best developers at USC. In Fall of 2017, we've had events with the CIA, Google, Facebook, Twitter, Disney, and a tech talk with one of the authors of TensorFlow.


• USC Computer Science - I am a TA for two classes at USC, CSCI 201 and CSCI 356, the Software Engineering and Systems class respectively. I've helped create and manage projects, and hold office hours to help students better understand the material. I also created an automated grading server for 356, with a full admin console to monitor student progress and make managing the class easier.


• Deloitte - At Deloitte, I worked with clients to fortify their security practices. I also implemented and built frameworks to aid in penetration tests and client engagementsf.


• GitHub Field Day - I've was on the organizing committee of LA's GitHub Field Day, which brought the leadership of tech clubs from schools in the Southern California area together to share ideas, methods, and past knowledge.


• Entertainment Technology Center - Since my sophomore year, I've been consulting with ETC@USC, an organization dedicated to bridging the gap between Hollywood and Technology. We have meetings and round tables with Disney, Sony, Paramount, and various other large studios to consult on current trends and provide recommendations on how to shape their business models to adapt to new tech.


• Schedule of Classes - Author of the Chrome Extension USC Schedule Helper, which helps alleviate a lot of the common issues with registration at USC. I also built a complete back end for class notifications, with a public, rate-limited API here.

Professional

• Deloitte - At Deloitte, I worked with clients to fortify their security practices. I also implemented and built frameworks to aid in penetration tests and client engagementsf.

Languages

• C++
• Java
• JavaScript
• Swift
• Python

Technologies/Mediums

• Desktop (Electron)
• Desktop (Qt)
• iOS
• Node.js
• Chrome Extension
• Middleware
• Scalable API Creation
• Slackbot
• Debian Repository

Articles

• Optimizing a Static Site (this one!)
• Quantum Key Exchanges
• Man in the Middle iOS Attacks: The Danger of Relying on a Single Layer of Security
• Security as a Spectrum: An Intro Through Analogy
• Mapping out Bank of America’s Credit Card Portals
• Communication versus Storage Trade-Offs in Data Distribution Systems

Contact

• GitHub
• Email

Additionally, my PGP key can be found here. Verification hashes have been also uploaded to pastebin, here.

5 Days, 5 Projects

Over Spring Break 2017, I built five products in five days. The projects are listed below.

5 Days, 5 Projects

• Day 1: ‹ REMOVED ›
• Day 2: PickAPlace, featuring Quinn Ngo - source
• Day 3: UberOrLyft - source
• Day 4: SimplifyMe - source
• Day 5: PitchforkReviews - source

Other Projects

Additionally, I've worked on a few other personal projects, and contribute to open source software as much as possible.

• Anubis - Subdomain enumerator and information gathering tool for security engagements
• Anubis-DB - Server for Anubis, which stores all previously found subdomains
• Never Ending Netflix - A Chrome Extension to amplify your Netflix experience
• Hoverzoom - Chrome Extension that expands images on a myriad of sites on hover (collaborator)
• PasteBinApp - iOS App to quickly upload to PasteBin - iOS link
• USC Directory Scraper - Node.js app that quickly scrapes every USC email. 160,000 emails in <1 hour
• USC Schedule Helper - Chrome Extension to add functionality to USC web registration
• DismissBlackboard - Chrome Extension to quickly dismiss all blackboard notifications
• BulkReddit - A website to quickly cache any subreddits text posts, for easy consumption while offline
• RandomComic - Shows a random comic from one of 6 websites. Customizable, responsive, and intuitive.
• USC Class Notifier API - An API for USC Schedule Notifications, the back end to USC Schedule Helper
• ModClear - Chrome Extension to quickly clear all your modmail on reddit
• AddToAmex - Chrome Extension to add all available American Express offers to your credit card
• Burp Copy As Node - Burp extension that allows you to copy a network request as Node.js code
• Clear Reddit Unmoderated - Reddit bot to clear out the unmoderated queues for subreddits, as a moderator.
• Candy Crush Hack - Java Swing desktop applications to hack save game files for Candy Crush
• Master Repo - Centralized list of jailbroken debian repositories

404

Not Found!