Blog

ThePhish: an automated phishing email analysis tool

Written by Emanuele Galdi - 4 Nov 2021

As of today, phishing emails are the most widely used infection vector. This means that the number of alerts related to emails to analyze is growing faster and faster. The problem is that analyzing an email is a complex and tedious process that can make an analyst waste the majority of its time on repetitive […]

BlueBorne kill-chain on Dockerized Android

Written by Angelo Delicato and Daniele Capone - 23 Sep 2021

Attacks on any device have become increasingly complex: attackers often string together multiple vulnerabilities in a chain of attacks that can cause devastating effects by requiring little user interaction. The main goals of this post are essentially two: first, we will do a general overview of the various phases of a cyber kill-chain and the […]

Bypass ASLR through function address inference

Written by Daniele Capone and Angelo Delicato - 15 Sep 2021

In this post, we are going to talk about Address Space Layout Randomization (ASLR) and a way to bypass this protection measure. We have reproduced this methodology on Android through the exploitation of an old CVE; however, it is possible to apply it in other contexts as well. Let’s go and see what it is […]

A secure private knowledge base with open-source tools

Written by Angelo Delicato - 8 Sep 2021

Every team has to keep its knowledge in order, it is mandatory to have an internal documentation that is well organized and easy to access. In this post we are going to show how to create a secure private knowledge base with an open-source tool, let’s go forward to it!

A container-based framework for Android emulation (and hacking)

Written by Angelo Delicato - 2 Sep 2021

Currently, there are 3.8 billion smartphone users in the world and this number is going to increase much more in the future; this situation poses a security risk for companies and people. Speaking about security, most of the companies around the world use Cyber Ranges to train their personnel, the problem is that current-generation Cyber […]

Using Docker Security Playground to create unserialize() Object Injection in Yet Another Stars Rating laboratory

Written by Gaetano Perrone - 14 Dec 2020

In previous post I’ve describe how it is possible to use Docker in order to setup a Docker environment to study Yet Another Stars Rating wordpress plugin https://wpscan.com/vulnerability/9207. Here I am going to show you how you can configure a vulnerable environment by using Docker Security Playground . Docker Security Playground installation Install DSP is […]

Leveraging Docker + VSCode to study web vulnerabilities

Written by Gaetano Perrone - 14 Dec 2020

Have you ever studied Docker? If you are a passionate about web hacking, study it! In this Post I am going to persuade you that using Docker to study web vulnerabilities is a good thing! If you want to understand more about this post, please follow Docker Documentation How do you find vulnerabilities? There are […]

CVE-2020-2229 JENKINS UP TO 2.251/LTS 2.235.3 TOOLTIP STORED CROSS SITE SCRIPTING

Written by Gaetano Perrone - 11 Dec 2020

In this Post, I show how I have create the Proof Of Concept for CVE-2020-2229 . I found a vulnerable version Jenkins 2.249 during a Penetration Test, I was trying to investigate available exploits for this vulnerability, but I did not find anything. Well, Jenkins is an amazing wonderful project, the best way that I […]

Web Application Hacking – An introduction

Written by Gaetano Perrone - 23 Nov 2020

When trying to find a methodology for performing a Penetration Test against a Web Application (meaning those that are accessed using a browser to communicate with a web browser), one should keep in mind that Hackers’ activities to find new vulnerabilities always involve a great deal of creativity. It is possible, though, to explore all […]

Scroll to top