Clik here to view.
MySQL Remote Root Authentication Bypass (CVE-2012-2122)
Follow @FantaGhost A new vulnerability discovered in MySQL Server allow an attacker to gain remote root privileges. According to the original article posted on SC Magazine “Security experts have...
View ArticleClik here to view.
Update your Linux distro using wget, yum or apt-get behind a proxy.
Follow @FantaGhost As you probably know, patching process is a very important aspect of security strategy and lifecycle: both Windows and *nix systems must be patched against vulnerabilities and...
View ArticleClik here to view.
How to scan a remote host anonymously using Nmap, Tor and Proxychain
Follow @FantaGhost In this post I will try to explain how to scan a remote host anonymously using Nmap, tor and proxychains tools. This tutorial is based on Debian-like distributions. I don’t explain...
View ArticleClik here to view.
How to crack MD5 hashes using free online resources
Follow @FantaGhost What is a MD5 hash ? I asked Wikipedia and it told me that is a “widely used cryptographic hash function that produces a 128-bit (16-byte) hash value“. To be more specific,Â...
View ArticleClik here to view.
How to install Netsniff-ng, an high performance open source network sniffer.
Follow @FantaGhost “Netsniff-ng is a free, high performance Linux networking toolkit. The gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel...
View ArticleClik here to view.
Rasperry PI : install PWNPI 3.0, a pentest-oriented Raspberry distribution
Follow @FantaGhost Finally my Raspberry PI Model B Rev.2 is arrived !! I choose to buy an used one just to start some testing I choose PWNPI 3.0 as operating system because it contains lots of useful...
View ArticleClik here to view.
VareseNews published my article about Home Computer Security
Follow @FantaGhost My article about Home Computer Security has been published by VareseNews (an Italian online newspaper) under it’s “Ventuno” blog. Take a look on...
View ArticleClik here to view.
The hidden side of Internet: access it anonymously using FreeNet
Follow @FantaGhost Every time we access an Internet resource (web, mail, IRC, etc…) our ADSL modem or router is connected “directly”: all packets transmitted by our computer are addressed via routers...
View ArticleClik here to view.
Check systems security with Lynis
Follow @FantaGhost How many times have you wondered about your systems security ? Using Linux or Mac is not enough! You must check and configure your systems to be as secure as possible. To do this we...
View ArticleClik here to view.
VareseNews published part two of my article about Computer Security
Follow @FantaGhost My article about Home Computer Security Part 2 has been published by VareseNews (an Italian online newspaper) under it’s “Ventuno” blog. Take a look on...
View ArticleClik here to view.
VareseNews published part three of my article about Computer Security
Follow @FantaGhost My article about Home Computer Security Part 3 has been published by VareseNews (an Italian online newspaper) under it’s “Ventuno” blog. Take a look on...
View ArticleClik here to view.
FGscanner is available for Download
Follow @FantaGhost Hi All! I finally completed FGscanner :) FGscanner is a perl script useful for finding directories that are not indexed, hidden pages, development or test folders on a webserver....
View ArticleClik here to view.
FGscanner has been published by PacketStorm Security
Follow @FantaGhost PacketStorm Security has published FGscanner under it’s Tools section. You can find it here
View ArticleClik here to view.
SANS Holiday Challenge 2013 Report
Follow @FantaGhost The SANS Holiday Challenge is an high-skilled Ethical Hacking technical exercise sponsored by SANS Cybercon and organized by Counterhack team. The 2013 edition is the tenth annual...
View ArticleClik here to view.
In-depth analysis of mmpifmxnth..vbs malware
Follow @FantaGhost Last week I was asked to check a Windows 7 x64 laptop due an extremely poor performances, so as first step I run a complete scan with AntiMalwareBytes free and Avira Antivirus. This...
View ArticleHeartbleed Testing and Detecting
A critical vulnerability has been identified in OpenSSL versions 1.0.1 – 1.0.1f (CVE-2014-0160) and it is well explained on HeartBleed website. Exploiting the HeartBleed vulnerability. Basically, an...
View ArticleCyber threats landscape and defense workshop
The Cyber threats landscape and defense workshop was held April 14th at ISIS “C. Facchinetti” Institute. The two-hours workshop was intended to illustrate and explain the evolution of cyber threats in...
View ArticleMalware related archives decryption using strings command
Cyber attacks landscape is evolving rapidly, reaching high levels of sophistication and complexity in order to exploit and breach enterprises, government entities, universities, financial institutions,...
View ArticleFgScanner included in BlackArch Linux
FgScanner has been included in BlackArch Linux. What is BlackArch Linux ? “BlackArch Linux is a lightweight expansion to Arch Linux for penetration testers and security researchers. The repository...
View ArticleMalvertising: una minaccia in espansione
Today the speech “Malvertising: una minaccia in espansione” has been hosted by “Festival ICT 2014″ in room 9 at 2:25 PM. Giacomo Milani and I have talked about Malvertising threats, infections trend,...
View Article
