-
Massive Hosts Discovery with SaturnV
SaturnV provides a fast deployable distributed port scanner and information collector infrastructure. This software was developed to provide a lightweight tool to pentesters who need to perform sporadic Network PenTest activities on big ranges of public faced IP subnets. …
-
Introducing SOS_Proxy
In this post I will introduce a simple but effective tool that I developed in order to automate the invisible proxy technique and manage to intercept the HTTP traffic of any non proxy-aware device. …
-
D-Link DSL-3782 SecAdvisory: OS Command Injection and Stored XSS
In this article I’m going to release the technical details of two vulnerabilities that I found by analyzing D-Link DIR-3782 router web interface. In particular I’ve found OS Command Injection and Stored Cross Site Scripting vulnerabilities. …
-
Break into 2K IP-Camera
In this post I will explain technical details of a vulnerability that I found on several IP-Camera models during a IoT-PenTest session and marked as CVE-2017–17101. This vulnerability allows an unauthenticated remote user to bypass the login panel and access to all the device features. …