All Stories

Backflip into the stack

During my OSCE journey I came across an interesting technique to jump backwards to the very beginning of the buffer injected into the vulnerable process.

A closer look to msf-egghunter

Egghunting is a technique used in exploit writing to deal with evil shellcode that has to be placed in a memory location different from the one we are redirected to via EIP...

Digging into Vulnserver: fuzzing it

Vulnserver is a Win32 application built to simulate a TCP/IP server listening on port 9999 and accepting commands from unauthenticated clients.

Getting root: Matrix

It was last year when I received the email saying I passed the Penetration testing with Kali Linux course and eventually I became an OSCP guy.

How to calculate your network address in CIDR notation

Sometimes I need to quickly nmap the network right after plugging in the cable. Since I’m lazy, I created a simple bash script to calculate the network address in CIDR notation, starting...

The shellerate project: yet another framework for shellcode generation

Last summer, as I wrote on Codice Insicuro, my Italian blog about cybersecurity and related topics, I took the x86 Assembly Language and Shellcoding on Linux course and the related certification.