📧 [email protected]

• Web Measurement at Scale — mapping misconfigurations and exposure across the public web
• Systemic Enterprise Risk — how small failures cascade into org-wide incidents
• Software Supply Chain Security — dependency risk, build integrity, SBOM adoption

I'm a PhD student in Cyber Security and Economics at the University of Tulsa. With a strong foundation in computer science, economics, and cybersecurity, I focus on researching large-scale vulnerability scanning and improving internet security practices.

• Ph.D. in Cyber Security and Economics
  University of Tulsa, Aug 2024 - Present
  Focus: Large-scale vulnerability scanning and Enterprise Security

• M.S. in Computer Science and Cyber Security
  University of Trento, Sep 2020 - Jun 2023

• B.S. in Information Engineering and Business Organization
  University of Trento, Dec 2019

• "Measuring enterprise software supply chain security using public repositories" (2025) – ACM CCS-SCORED 2025
  Authors: Dmytro Kashchuk, Tyler Moore Presented at ACM CCS 25 - SCORED Workshop. Large-scale SBOM/CVE study of Forbes Global 2000 GitHub repos showing 11.7% vulnerable dependencies, comparable risk in active vs. inactive projects, and widespread reuse of flawed libraries (semver, Log4j); releases the largest public dataset to date.

  📄 Read the full paper: ACM CCS

• "Mind the CORS" (2023) – IEEE-TPS 2023
  Authors: Matteo Golinelli, Elham Arshad, Dmytro Kashchuk, and Bruno Crispo
  Presented at: The 5th IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA). This study conducted a large-scale analysis of Cross-Origin Resource Sharing (CORS) configurations across the Tranco Top 50k websites, revealing security flaws in 29.4% of them. The research highlights critical risks, including Denial of Service (DoS) attacks, emphasizing the real-world exploitability of these vulnerabilities.

  📄 Read the full paper: IEEE Xplore

• Java E-commerce Platform
  Developed a web-based e-commerce platform using JSP with a real-time chat feature via WebSocket.
• Telegram Content Crawler
  Co-founded a tool to detect and remove illicit (GORE) content from Telegram channels, assisting national and international agencies in preventing the spread of harmful content.
• Python Financial Planner
  Created an expense categorization tool using the LLAMA 3 Model.

• Programming Languages: C#, C++, Python, Java
• Web Development: Frontend and Backend, Networks
• Technologies: MySQL, Android Programming, Blockchain, Cryptography

• Graduate Research Assistant @ The University of Tulsa | Aug 2024 - Present |Tulsa (OK) - USA Part-time and on-site

• Cybersecurity Researcher @ University of Trento | Dec 2024 - Jul 2025 | Trento (TN) - Italy Conducted analysis of CORS flaws in top 50K tranco websites and developed a Python scanner to detect CORS misconfiguration that can lead to DoS attacks.

• Networking Intern @ University of Trento | Sep 2020 - Mar 2021 | Trento (TN) - Italy Created a Raspberry Pi-based Smartphones Wi-Fi detection system for disaster response, helping to locate individuals during natural disasters.

• Internship in Technology and Device Integration @ Arcese Spa| May 2016 - Aug 2016 | Arco (TN) - Italy Helped move the company from BlackBerry to Nokia—set up everyone’s phones and configured new network devices to make things faster, more reliable, and more secure.

I'm deepening my expertise in advanced cybersecurity techniques, vulnerability scanning, and ethical hacking.

• 🎮 Capture The Flag enthusiast and Hack The Box participant
• 💡 Passionate about investing in the stock market
• ⚽ Amateur soccer player
• ✈️ Love exploring new places and experiencing unique adventures
• 🎮 Player in the TU League of Legends Esports team

Feel free to connect and collaborate on cybersecurity projects or research initiatives!