diff --git a/docs/sql/reset-demo.sql b/docs/sql/reset-demo.sql
index 64f2e06..f76dff7 100644
--- a/docs/sql/reset-demo.sql
+++ b/docs/sql/reset-demo.sql
@@ -90,6 +90,25 @@ DELETE FROM users WHERE email LIKE '%.demo%';
 -- ── Organizzazioni demo ───────────────────────────────────────────────────
 DELETE FROM organizations WHERE id > 4;
 
+-- ── Amministratore permanente (sempre ripristinato) ───────────────────────
+-- cristiano.benassati@gmail.com deve sopravvivere a qualsiasi reset
+
+-- Rimuove eventuali token refresh dell'admin prima del re-insert
+DELETE rt FROM refresh_tokens rt
+    JOIN users u ON rt.user_id = u.id
+    WHERE u.email = 'cristiano.benassati@gmail.com';
+
+INSERT INTO users (email, password_hash, first_name, last_name, role, status)
+VALUES (
+    'cristiano.benassati@gmail.com',
+    '$2y$12$H/AJ7SgBowihcOcpblQ7PeanmoTXzgruv3mRvC.vexoRodNa7rAUi',
+    'Cristiano', 'Benassati', 'super_admin', 'active'
+)
+ON DUPLICATE KEY UPDATE
+    role          = 'super_admin',
+    status        = 'active',
+    password_hash = '$2y$12$H/AJ7SgBowihcOcpblQ7PeanmoTXzgruv3mRvC.vexoRodNa7rAUi';
+
 -- ── Ripristino FK ─────────────────────────────────────────────────────────
 SET FOREIGN_KEY_CHECKS = 1;
 
diff --git a/public/test-runner.php b/public/test-runner.php
index 3d3577c..7975885 100644
--- a/public/test-runner.php
+++ b/public/test-runner.php
@@ -133,6 +133,30 @@ function getCommands(): array
             'timeout'          => 30,
             'continue_on_fail' => false,
         ],
+        'full-reset-sim' => [
+            'label'            => '⚡ Reset + Simula + Testa Tutto',
+            'bash'             => implode(' && ', [
+                "echo '════════════════════════════════════════'",
+                "echo '  FASE 1 — Reset database demo'",
+                "echo '════════════════════════════════════════'",
+                "mysql -u nis2_agile_user -p\$(grep DB_PASSWORD {$root}/.env | cut -d= -f2) nis2_agile_db < {$root}/docs/sql/reset-demo.sql",
+                "echo '[OK] Reset completato. Admin cristiano.benassati@gmail.com preservato.'",
+                "echo ''",
+                "echo '════════════════════════════════════════'",
+                "echo '  FASE 2 — Simulazioni demo (SIM-01→05)'",
+                "echo '════════════════════════════════════════'",
+                PHP_BINARY . " {$root}/simulate-nis2.php",
+                "echo ''",
+                "echo '════════════════════════════════════════'",
+                "echo '  FASE 3 — Smoke tests API'",
+                "echo '════════════════════════════════════════'",
+                "curl -sf " . API_BASE . "/../api-status.php | python3 -m json.tool",
+                "echo '[OK] Suite completa terminata.'",
+            ]),
+            'cwd'              => $root,
+            'timeout'          => 720,
+            'continue_on_fail' => false,
+        ],
         'all' => [
             'label'            => 'Full Suite (health + simulate + chain)',
             'bash'             => implode(' && ', [
@@ -320,6 +344,7 @@ function serveUI(): void
     $url   = "https://nis2.agile.software/test-runner.php?t={$token}";
 
     $demoCredentials = [
+        ['role' => '★ Super Admin (permanente)', 'email' => 'cristiano.benassati@gmail.com', 'password' => 'Silvia1978!@', 'org' => 'Tutte'],
         ['role' => 'Admin (DataCore IT)', 'email' => 'admin@datacore.demo', 'password' => 'Demo2026!', 'org' => 'DataCore S.r.l.'],
         ['role' => 'Compliance (MedClinic)', 'email' => 'compliance@medclinic.demo', 'password' => 'Demo2026!', 'org' => 'MedClinic Italia S.p.A.'],
         ['role' => 'CISO (EnerNet)', 'email' => 'ciso@enernet.demo', 'password' => 'Demo2026!', 'org' => 'EnerNet Distribuzione S.r.l.'],
@@ -349,7 +374,7 @@ function serveUI(): void
         HTML;
     }
 
-    $testBtns = '';
+    $testBtns = "<button class='btn btn-fullreset' onclick=\"runCmd('full-reset-sim')\">⚡ Reset + Simula + Testa Tutto</button>\n<hr class='btn-sep'>\n";
     $testCmds = ['health', 'smoke', 'simulate', 'chain-verify', 'reset', 'all'];
     foreach ($testCmds as $id) {
         $label = $commands[$id]['label'] ?? $id;
@@ -427,6 +452,14 @@ body { display: flex; height: 100vh; background: var(--navy); color: var(--text)
 .btn:disabled { opacity: .4; cursor: not-allowed; }
 .btn-danger { background: rgba(239,68,68,.12); color: var(--red); }
 .btn-danger:hover { background: rgba(239,68,68,.22); }
+.btn-fullreset {
+    background: rgba(21,128,61,.25); color: #4ade80;
+    border: 1px solid rgba(21,128,61,.5);
+    font-size: .85rem; padding: .65rem .75rem;
+    text-align: center; letter-spacing: .01em;
+}
+.btn-fullreset:hover { background: rgba(21,128,61,.45); border-color: #4ade80; }
+.btn-sep { border: none; border-top: 1px solid var(--border); margin: .25rem 0; }
 
 /* Sim cards */
 .sim-card {