Having fun with NFQUEUE and Scapy

Hi guys, sorry for the long silence! I know, I know, it has been a long time since my last entry in this blog. During this year I have been very busy with my last year at university and thus I focused all my attention on passing the exams and finding a good final project […]

My smashing improved

Hi, in this brief post I will show you the improvements I have made to “Smashing the stack in 2010”. First of all I have improved the bibliography in order to help readers learn and delve deeper, as well as to give credit to other researchers for their work. Then I have […]

Phishing against BCC bank

In this post I am going to point out a real case of phishing against an Italian bank, BCC (Banca di Credito Cooperativo). Today I received a well-written mail at my university account, it says: The body obviously is in Italian and it is also good from a syntax point of view, the […]

Smashing the stack in 2010

Many years have passed since the AlephOne article. This is true, and fortunately we have had a lot of papers dealing with buffer overflows and all their related issues in these 14 years. For example, recently Peter Van Eeckhoutte has written the famous “exploit writing tutorials” that cover all aspects of exploiting Windows systems, considering […]

Something about Python and network analysis

In this series of posts we will see how to build some necessary tools from scratch to perform our tasks. Today we focus our attention on the network: we are going to build a sniffer and a relatively simple parser. Why don’t I use the well-known tcpdump? Wireshark? Tshark? First of all it’s more satisfactory to […]

Messing around with register

These days I’m discovering winappdbg, a Python module that wraps many Win32 APIs. Why am I using this “tool”? I could take a look at Paimei and its PyDbg or Immunity Debugger with its immlib. For this choice I must thank ratsoul and swirl who, during a boring afternoon on an IRC channel, […]