This year’s AppSec Europe was hosted in Rome, Italy and I decided to participate as a volunteer in order to help the OWASP organization and meet up with my friends of the Italian OWASP chapter. It was my first time at AppSec Europe and it was truly amazing. The event started with some hands on trainings running on 27th-28th-29th June …
ZoomEye : the CyberSpace search engine you never heard of
Everyone knows about the beloved Shodan and the new valid alternative Censys for searching IoT devices, even general newspaper wrote articles about them, but are you sure you aren’t missing anything? ZoomEye is a search engine for Cyberspace In Chinese ancient legends, there’s a famous ghost buster named Zhong Kui. Just like him, ZoomEye is created for hunting the demons in Cyberspace. …
Penetration testing course: 0x02 Prerequisites
I receive A LOT of private messages by people interested in “hacking”. 7 out of 10 are (sadly) people interested in learning how to hack a Facebook account, hack an email account, send spam through SMTP servers, find a good proxy for hiding their tracks while performing illegal activities (without having a clear concept of anonymity and privacy in mind) …
Web app pentest – testing for account enumeration (OTG-IDENT-004)
This website was created a bit more than a month ago at the time of writing this. As for any respectable website, choosing a cool domain name is important. I wanted to choose among some cool new TLD names approved by ICANN recently. I like martial arts and I loved the fact that .ninja domains exist but those I wanted …