This year’s AppSec Europe was hosted in Rome, Italy, and I decided to participate as a volunteer in order to help the OWASP organization and meet up with my friends from the Italian OWASP chapter. It was my first time at AppSec Europe and it was truly amazing. The event started with some hands-on trainings running on 27th-28th-29th June …
Cracking the infosec interview for fun and profit – how not to suck and get $$ hired $$
There are many people with different backgrounds approaching the world of Information Security and trying to land a job in this field: software developers, sysadmins, network engineers, IT technicians, even people whose formal education and previous job don’t have anything to do with Infosec. Nowadays there aren’t strict requirements in terms of education for being an Information Security Professional, everyone …
Penetration testing course: 0x02 Prerequisites
I receive A LOT of private messages from people interested in “hacking”. 7 out of 10 are (sadly) people interested in learning how to hack a Facebook account, hack an email account, send spam through SMTP servers, find a good proxy for hiding their tracks while performing illegal activities (without having a clear concept of anonymity and privacy in mind) …
Web app pentest – testing for account enumeration (OTG-IDENT-004)
This website was created a bit more than a month ago at the time of writing this. As for any respectable website, choosing a cool domain name is important. I wanted to choose among some cool new TLD names approved by ICANN recently. I like martial arts and I loved the fact that .ninja domains exist but those I wanted …