Andrea Fortuna
AboutRss
  • Dec 15, 2017

    Investigate suspicious Windows processes using Sysinternals Sysmon

    This article on Microsoft's Technet Blog is really interesting: Moti Bani explain how to investigate suspicious activity on servers using Sysmon Tool. What is Sysmon? Sysmon is a tool from Sysinternals that provides a comprehensive monitoring about activities in the… read more »
  • Dec 13, 2017

    How to fix the WXR version error when importing a very old Wordpress export file

    Recently I needed to migrate the contents of a Wordpress 2.1.7 (really old!) on a new installation based on Wordpress 4.9.1. So i've exported all contents from old site using the standard export procedure, but during the import on the… read more »
  • Dec 11, 2017

    Metasploit Console: my own cheatsheet

    Metasploit Framework is a priceless open-source a tool for developing and executing exploit code against a remote target machine. Its main admin interface, the Metasploit console has many different command options to chose from. Here my own set (in alphabetical… read more »
  • Dec 8, 2017

    What is Reflective DLL Injection and how can be detected?

    DLL (Dynamic-link library) are the Microsoft's implementation of the shared library concept and provide a mechanism for shared code and data, allowing a developer of shared code/data to upgrade functionality without requiring applications to be re-linked or re-compiled. DLLs may… read more »
  • Dec 6, 2017

    Just some thoughts about credential stuffing attacks: how to check and prevent them

    People reuse passwords all the time. How can i check and prevent credential stuffing attacks? Recently i've read this article by Brian Chappell on SC Media UK: Credential stuffing: People reuse passwords all the time. Shocker, I know. In BeyondTrust's… read more »
  • Dec 4, 2017

    How to learn programming: the traditional way and the quick way

    Do you want to become a programmer? You need to know that you will have to face a long and difficult course, full of nights spent for debugging. Furthermore, you also need to face relationships with colleagues and clients, time… read more »
  • Dec 1, 2017

    Determine age, region, source of leaked credentials using RadioCarbon

    RadioCarbon is an interesting tool developed by Florian Roth, focused on checking age and origin of a credential leak: Typically you get leaked credentials in form of list of email addresses or user names, cleartext passwords or password hashes, and… read more »
  • Nov 29, 2017

    Yes, you can log into macOS "High Sierra" as root with no password

    UPDATE - Apple released the security patch for the bug: https://support.apple.com/en-us/HT208315 The security fate discovered in MacOS High Sierra by Lemi Orhan Ergin is so serious that it is hard to believe it's real: you can become root without typing… read more »
« Previous page Next page »

Andrea Fortuna

  • Andrea Fortuna
  • andrea@andreafortuna.org
  • andreafortuna
  • andrea-fortuna
  • andrea

Cybersecurity expert, software developer, experienced digital forensic analyst, musician