7 June 2022

Multiple vulnerabilities in Zyxel zysh

“We live on a placid island […]

20 May 2022

A journey into IoT – Unknown Chinese alarm – Part 2 – Firmware dump and analysis

Disclaimer: as many other security researchers […]

3 May 2022

Zyxel firmware extraction and password analysis

Backstory During a red teaming exercise […]

11 April 2022

Semgrep ruleset for C/C++ vulnerability research

“The attack surface is the vulnerability. […]

22 March 2022

A journey into IoT – Unknown Chinese alarm – Part 1 – Discover components and ports

Disclaimer: as many other security researchers […]

3 March 2022

A journey into IoT – Chip identification, BUSSide, and I2C

Hi! Years ago ( 🙁 ) […]

17 February 2022

Hack In Paris video and Brida demo plugins released

Hi, A few days ago, Hack […]

5 February 2022

New (and old) shellcode samples

“A vulnerability provides an assembly language […]

20 December 2021

letme.go – A minimalistic Meterpreter stager written in Go

A few years back, I published […]

24 November 2021

Brida 0.5 released for Hack In Paris 2021!

Hi! Last Friday my colleague Piergiovanni […]

8 November 2021

Java Deserialization Scanner 0.7 is out!

Hi! I just released version 0.7 […]

25 October 2021

GitLab CE CVE-2021-22205 in the wild

A few months ago one of […]