Security VS Corporate Management
The devil and holy water THE SITUATION Having had the opportunity to observe a few hundred companies over the past 30 years, to date there...
Unveiling the Hidden Threat: Dissecting a Malware on PyPI repository
In the vast realm of software development, the Python Package Index has long been a trusted repository for Python packages. However, even the most reliable...
๐ฎ๐น Conosciamo Matteo Lucchetti โ Penetration Tester/Red Teamer
I miei primi approcci nel campo dell'informatica risalgono circa alla fine degli anni '90. Avevo poco piรน di cinque anni quando ho iniziato a mettere...
Inside the Mind of a Cyber Attacker: from Malware creation to Data Exfiltration (Part 1)
DISCLAIMER - This article is provided for educational and informational purposes only. The techniques, tools, and examples discussed are intended to promote a better understanding...
๐ฎ๐น Conosciamo Enrico Ingenito – Sales Manager
Il mio percorso professionale รจ iniziato nel mondo delle TLC nel 1983, tra le braccia della Mamma dei Fili nazionale: da lรฌ in poi ho...
Hacking the Dutch government
A few months ago I found out that the dutch government is hosting a bug-bounty program that covers a lot of assets from their infrastructures....
CVE-2022-2602: DirtyCred File Exploitation applied on an io_uring UAF
Introduction In the past few weeks, I worked with @LukeGix (checkout his blog post on the same vulnerability here) to exploit the CVE-2022-2602, a very...
How an Akamai misconfiguration earned us USD 46.000
A few months ago me and my friend Jacopo Tediosi made an interesting discovery about an Akamai misconfiguration that allowed us to earn more than...
Workshop: Linux Kernel Exploitation 101 – Part 2
https://youtu.be/2FMTdFbjIsk Slide: https://hacktivesecurity-my.sharepoint.com/:b:/p/alessandro/EX9sSrCCRIlLqvkHoRl7_jQBB6xKgV_qLL9UA5fIwf2Cbw?e=cCQpixMateriale utilizzato nel video (per poter replicare i lab): https://hacktivesecurity-my.sharepoint.com/:u:/p/alessandro/EX08cV3wTzZJsEeEQwZvw80BbybF2CpUmJdsXXGlY0hnwA?e=JaGru3Il materiale รจ stato testato con Ubuntu 20.04 con architettura x86_64. Non dovrebbero esserci...