A journey in a Symfony website with JMose CommandScheduler enabled lead to some interesting results.

A journey in rConfig 3.9.4 lead to preauth sql injection, auth bypass, and remote code execution

Blog post for my talk about secure code review at End Summer Camp 2K20

Long story short, both john and hashcat will fail to recover a password from an ntlm hash if she's longer than ~28chars. Say 'Hi!' to Long the Ripper

Here is my take on eLearnSecurity eXploit Development Student course and relative certification process

Here is my take on Securitytube Linux Assembly Expert 32/64bit

Here is my take on Advanced Web Attack and Exploitation course and relative exam for Offensive Security Web Expert

Here is my take on Cracking The Perimeter course and relative exam for Offensive Security Certified Expert

Here is my take on Penetration Testing with Kali and relative exam for Offensive Security Certified Professional

A quick introduction on my view regarding courses and certifications