Marco Lancini, Director of Security e autore di "The CloudSec Engineer", esperto in strategia di sicurezza, leadership tecnica e sicurezza cloud.
59 articles from this blog
A guide demystifying Kubernetes, focusing on foundational concepts and security for beginners and security professionals.
Analysis of CVE-2018-1002105, a critical Kubernetes API server vulnerability allowing privilege escalation and arbitrary backend requests.
A mind map summarizing the red teaming methodology and techniques from 'The Hacker Playbook 3' for cybersecurity professionals.
A guide on using the ELK Stack (Elasticsearch, Logstash, Kibana) to analyze and triage large-scale Nmap scan results for penetration testing and offensive security.
A practical guide to finding and exploiting hosts vulnerable to the libSSH authentication bypass (CVE-2018-10933).
Introduction to using HashiCorp Consul as a service mesh for building offensive infrastructure, covering basic and hardened configurations.
A developer introduces GoScan, a network scanner tool written in Go, and explains how learning Go led to its creation and features like historical port tracking.
GoScan v2 is an interactive network scanner built in Go, automating and abstracting nmap for penetration testing and CTFs.
Introducing Robtex-Go, an open-source Go client library for the Robtex API to automate OSINT tasks.
A guide on running Burp Suite Professional as a Docker container with persistent storage and GUI support for easier portability.
A practical guide to setting up HashiCorp Vault with Consul as a backend and a web UI, all orchestrated using Docker Compose for secure team credential management.
A guide on integrating the Needle iOS security testing tool into a Jenkins CI/CD pipeline for automated vulnerability detection.
Needle v1.0.0 released with a new native Objective-C agent, adding iOS 10 support and replacing old dependencies.
Needle v0.1.1 released, adding Theos integration for iOS tweak development and new modules for security testing.
A technical guide addressing iOS 9 jailbreak issues, focusing on freeing up system partition space to install packages.
Needle V0.0.4 released with iOS/OS X support, new security modules, and bug fixes ahead of OWASP AppSec USA 2016.
An update on the iOS security testing tool Needle, including upcoming conference talks and a hands-on exploitation workshop.
An introduction to Needle, an open-source modular framework for conducting security assessments of iOS applications.
Needle is an open-source modular framework for streamlining security assessments of iOS applications, similar to drozer for Android.
