Hacktive Security Blog

Active Directory

Inside the Mind of a Cyber Attacker: from Malware creation to Data Exfiltration (Part 2)

November 15, 2023November 15, 2023

DISCLAIMER - This article is provided for educational and informational purposes only. The techniques, tools, and examples discussed are intended to promote a better understanding...

GRC

Security VS Corporate Management

Angelo Chiarot

September 13, 2023September 13, 2023

The devil and holy water THE SITUATION Having had the opportunity to observe a few hundred companies over the past 30 years, to date there...

Active Directory

Unveiling the Hidden Threat: Dissecting a Malware on PyPI repository (Part 1)

calfcrusher

August 2, 2023November 15, 2023

In the vast realm of software development, the Python Package Index has long been a trusted repository for Python packages. However, even the most reliable...

Meet The Team

🇮🇹 Conosciamo Matteo Lucchetti – Penetration Tester/Red Teamer

Matteo Lucchetti

June 20, 2023June 20, 2023

I miei primi approcci nel campo dell'informatica risalgono circa alla fine degli anni '90. Avevo poco più di cinque anni quando ho iniziato a mettere...

Red Teaming

Inside the Mind of a Cyber Attacker: from Malware creation to Data Exfiltration (Part 1)

calfcrusher

June 5, 2023June 6, 2023

DISCLAIMER - This article is provided for educational and informational purposes only. The techniques, tools, and examples discussed are intended to promote a better understanding...

Meet The Team

🇮🇹 Conosciamo Enrico Ingenito – Sales Manager

o___o

April 19, 2023April 20, 2023

Il mio percorso professionale è iniziato nel mondo delle TLC nel 1983, tra le braccia della Mamma dei Fili nazionale: da lì in poi ho...

Uncategorized

Hacking the Dutch government

Michele Mariani

April 5, 2023April 20, 2023

A few months ago I found out that the dutch government is hosting a bug-bounty program that covers a lot of assets from their infrastructures....

Exploitation

CVE-2022-2602: DirtyCred File Exploitation applied on an io_uring UAF

Alessandro Groppo

December 21, 2022December 27, 2022

Introduction In the past few weeks, I worked with @LukeGix (checkout his blog post on the same vulnerability here) to exploit the CVE-2022-2602, a very...