Hacking Around: Previse – HTB writeup

Written by Nicola d'Ambrosio - 17 Jan 2022

Today we publish the first post of a new series: Hacking Around. With this series, we want to share some interesting writeups about CTF machines around the most famous websites. So we present you a Previse Writeup (Hack The Box machine), let’s go!

Invisible Backdoors in Javascript and How to detect them

Written by Angelo Delicato - 29 Nov 2021

Working in Cybersecurity is like living in the jungle. Every day you gotta watch out for possible threats that could endanger you. Today we talk about a new kind of vulnerability which is quite sneaky, because it is invisible. Yep, we are going to talk about Invisible Backdoors.

BlueBorne kill-chain on Dockerized Android

Written by Angelo Delicato and Daniele Capone - 23 Sep 2021

Attacks on any device have become increasingly complex: attackers often string together multiple vulnerabilities in a chain of attacks that can cause devastating effects by requiring little user interaction. The main goals of this post are essentially two: first, we will do a general overview of the various phases of a cyber kill-chain and the […]

Bypass ASLR through function address inference

Written by Daniele Capone and Angelo Delicato - 15 Sep 2021

In this post, we are going to talk about Address Space Layout Randomization (ASLR) and a way to bypass this protection measure. We have reproduced this methodology on Android through the exploitation of an old CVE; however, it is possible to apply it in other contexts as well. Let’s go and see what it is […]

Leveraging Docker + VSCode to study web vulnerabilities

Written by Gaetano Perrone - 14 Dec 2020

Have you ever studied Docker? If you are a passionate about web hacking, study it! In this Post I am going to persuade you that using Docker to study web vulnerabilities is a good thing! If you want to understand more about this post, please follow Docker Documentation How do you find vulnerabilities? There are […]

Web Application Hacking – An introduction

Written by Gaetano Perrone - 23 Nov 2020

When trying to find a methodology for performing a Penetration Test against a Web Application (meaning those that are accessed using a browser to communicate with a web browser), one should keep in mind that Hackers’ activities to find new vulnerabilities always involve a great deal of creativity. It is possible, though, to explore all […]

Scroll to top