Hacking

BlueBorne kill-chain on Dockerized Android

Written by Angelo Delicato and Daniele Capone - 23 Sep 2021

Attacks on any device have become increasingly complex: attackers often string together multiple vulnerabilities in a chain of attacks that can cause devastating effects by requiring little user interaction. The main goals of this post are essentially two: first, we will do a general overview of the various phases of a cyber kill-chain and the […]

Bypass ASLR through function address inference

Written by Daniele Capone and Angelo Delicato - 15 Sep 2021

In this post, we are going to talk about Address Space Layout Randomization (ASLR) and a way to bypass this protection measure. We have reproduced this methodology on Android through the exploitation of an old CVE; however, it is possible to apply it in other contexts as well. Let’s go and see what it is […]

Leveraging Docker + VSCode to study web vulnerabilities

Written by Gaetano Perrone - 14 Dec 2020

Have you ever studied Docker? If you are a passionate about web hacking, study it! In this Post I am going to persuade you that using Docker to study web vulnerabilities is a good thing! If you want to understand more about this post, please follow Docker Documentation How do you find vulnerabilities? There are […]

Web Application Hacking – An introduction

Written by Gaetano Perrone - 23 Nov 2020

When trying to find a methodology for performing a Penetration Test against a Web Application (meaning those that are accessed using a browser to communicate with a web browser), one should keep in mind that Hackers’ activities to find new vulnerabilities always involve a great deal of creativity. It is possible, though, to explore all […]

Scroll to top