โŒ

Normal view

There are new articles available, click to refresh the page.
Hacktive Security Blog

Meet Alessio Romano – Penetration Tester

By: o___o
28 February 2024 at 06:39
My first approach to the world of computing, contrary to what one might expect, was similar to that of many others who, like me, were born in the late '90s: the first time I interacted with a computer I did nothing more than turn it on, open an mp3 file with the media player of […]

Offensive Machine Learning – practical introduction

16 January 2024 at 17:06
Disclaimer: This article is intended to be an introduction to machine learning applied to cybersecurity that is understandable even to those who approach it without prior knowledge of the subject. In order to show weaknesses, not all best practices will be followed and some logical errors will be deliberately included, including in the code. Therefore, the […]

Inside the Mind of a Cyber Attacker: from Malware creation to Data Exfiltration (Part 2)

15 November 2023 at 06:18
DISCLAIMER – This article is provided for educational and informational purposes only. The techniques, tools, and examples discussed are intended to promote a better understanding of cybersecurity and to enhance defensive measures. The usage of these techniques should strictly adhere to applicable laws, regulations, and ethical guidelines. The author and publisher of this article shall […]

Security VS Corporate Management

13 September 2023 at 07:01
The devil and holy water. THE SITUATION: Having had the opportunity to observe a few hundred companies over the past 30 years, to date there is a greater and growing awareness of information security issues or corporate security more generally. It can be said that a good portion of the corporate and medium-sized enterprise has […]

Unveiling the Hidden Threat: Dissecting a Malware on PyPI repository

2 August 2023 at 13:13
In the vast realm of software development, the Python Package Index has long been a trusted repository for Python packages. However, even the most reliable platforms are not immune to the ever-evolving landscape of cyber threats. My recent investigation led me to stumble upon a malicious package lurking within PyPI, disguised as a seemingly “innocent […]

🇮🇹 Meet Matteo Lucchetti – Penetration Tester/Red Teamer

20 June 2023 at 20:53
My first steps in the field of computing date back to around the end of the '90s. I was a little over five years old when I started getting my hands on my parents' computer. Even then I was very curious, and I was fascinated by exploring that old operating system, which led me to lose myself among the folders of the file […]

Inside the Mind of a Cyber Attacker: from Malware creation to Data Exfiltration (Part 1)

5 June 2023 at 08:26
DISCLAIMER – This article is provided for educational and informational purposes only. The techniques, tools, and examples discussed are intended to promote a better understanding of cybersecurity and to enhance defensive measures. The usage of these techniques should strictly adhere to applicable laws, regulations, and ethical guidelines. The author and publisher of this article shall […]

🇮🇹 Meet Enrico Ingenito – Sales Manager

By: o___o
19 April 2023 at 10:26
My professional career began in the telecommunications (TLC) world in 1983, in the arms of the national "Mother of Wires": from then on I have had the outrageous luck of taking part in more or less all the gold rushes tied to the ongoing technological revolution. From the green phosphors of the 3270 terminal's CLI up to Chat […]

Hacking the Dutch government

5 April 2023 at 08:05
A few months ago I found out that the Dutch government is hosting a bug-bounty program that covers a lot of assets from their infrastructures. The program scope, available at https://www.communicatierijk.nl/vakkennis/r/rijkswebsites/verplichte-richtlijnen/websiteregister-rijksoverheid, appears to be really wide, with more than 1000 targets, which made it possible to find some interesting applications by running some basic passive subdomain enumeration […]

Intigriti November XSS Challenge

21 November 2021 at 23:00
The bug bounty program Intigriti hosts an XSS challenge every month. This time, the challenge was about bypassing CSP by reloading a VueJS instance, making it possible to exploit a client-side template injection. My solution can be summarized in 4 main steps: Finding reflection and achieving HTML Injection; Accessing an abusable piece of code, containing […]

CVE-2022-2602: DirtyCred File Exploitation applied on an io_uring UAF

21 December 2022 at 06:00
Introduction: In the past few weeks, I worked with @LukeGix (check out his blog post on the same vulnerability here) to exploit CVE-2022-2602, a very interesting bug from multiple perspectives without a public exploit, that impacts the io_uring subsystem with a Use-After-Free vulnerability handling registered file descriptors. We used a Data-Only attack against kernel version 5.15.74 […]

How an Akamai misconfiguration earned us USD 46.000

17 September 2022 at 13:58
A few months ago me and my friend Jacopo Tediosi made an interesting discovery about an Akamai misconfiguration that allowed us to earn more than 46,000 dollars. Our research highlighted how manipulating a particular HTTP header made it possible to change the way proxies communicated with each other and how this allowed us to […]

Workshop: Linux Kernel Exploitation 101 – Part 2

By: o___o
12 September 2022 at 07:25
Slides: https://hacktivesecurity-my.sharepoint.com/:b:/p/alessandro/EX9sSrCCRIlLqvkHoRl7_jQBB6xKgV_qLL9UA5fIwf2Cbw?e=cCQpix Material used in the video (to replicate the labs): https://hacktivesecurity-my.sharepoint.com/:u:/p/alessandro/EX08cV3wTzZJsEeEQwZvw80BbybF2CpUmJdsXXGlY0hnwA?e=JaGru3 The material was tested on Ubuntu 20.04 on the x86_64 architecture. There should be no problems with other releases. To sign up for the workshop on 25 September, follow the social pages of Cyber Saiyan (the organization behind Romhack). LinkedIn: https://www.linkedin.com/company/cyber-saiyan/ Twitter: https://twitter.com/cybersaiyanIT Event link: https://romhack.camp/camp-schedule/ Also, to stay […]

Workshop: Linux Kernel Exploitation 101 – Part 1

By: o___o
12 September 2022 at 07:22
Slides: https://hacktivesecurity-my.sharepoint.com/:b:/p/alessandro/EX9sSrCCRIlLqvkHoRl7_jQBB6xKgV_qLL9UA5fIwf2Cbw?e=cCQpix Material used in the video (to replicate the labs): https://hacktivesecurity-my.sharepoint.com/:u:/p/alessandro/EX08cV3wTzZJsEeEQwZvw80BbybF2CpUmJdsXXGlY0hnwA?e=JaGru3 The material was tested on Ubuntu 20.04 on the x86_64 architecture. There should be no problems with other releases. To sign up for the workshop on 25 September, follow the social pages of Cyber Saiyan (the organization behind Romhack). LinkedIn: https://www.linkedin.com/company/cyber-saiyan/ Twitter: https://twitter.com/cybersaiyanIT Event link: https://romhack.camp/camp-schedule/ Also, to stay […]

Dynamic caching: What could go wrong?

27 July 2022 at 08:47
TL;DR: The Engintron plugin for cPanel presents a default configuration which could expose applications to account takeover and/or sensitive data exposure due to cache poisoning attacks. Whenever a client sends a request to a web server, the received response is processed and served by the back-end service each time. In case of a high […]

Linux Kernel Exploit Development: 1day case study

13 June 2022 at 10:01
Introduction: I was searching for a vulnerability that permitted me to practise what I’ve learned in the last period on Linux Kernel Exploitation with a “real-life” scenario. Since I had a week to dedicate my time in Hacktive Security to deepen a specific argument, I decided to search for a public vulnerability without a public […]

KRWX: Kernel Read Write Execute

12 March 2022 at 15:41
Introduction: GitHub project: https://github.com/kiks7/KRWX During the last few months/year I was studying and approaching the Kernel Exploitation subject and during this journey I developed a few tools that assisted me (and currently assist) in better understanding specific topics. Today I want to release my favourite one: KRWX (Kernel Read Write Execute). It is a simple LKM […]

Intigriti XSS Challenge – December 2021

27 December 2021 at 14:33
The approach to this challenge was completely different from the past two months, as the vulnerable component was on the backend, forcing us to approach it as a black box scenario. The page presents a simple submittable GET form providing the open and payload parameters. To reach that from the UI, a user has to […]
โŒ
โŒ