Penetration Testing | So Long, and Thanks for All the Fish

Some useful tools for finding unsecure Google Storage Buckets

Posted on August 7, 2019August 7, 2019 by Andrea Fortuna

And some suggestion to hardening your buckets!

CVE-2019-0708 “Bluekeep”: Immunity Inc. starts to sell a exploit with full RCE capabilities

Posted on July 31, 2019July 31, 2019 by Andrea Fortuna

Cybersecurity firm Immunity Inc. decided to sell a BlueKeep exploit module capable of full remote code execution as part of its penetration testing toolkit.

Reverse engineering and penetration testing on Android apps: my own list of tools

Posted on July 18, 2019July 18, 2019 by Andrea Fortuna

This list of tools is really useful both in penetration testing on an Android application and in reverse engineering of a suspicious application.
All tools are OSS and freely available: so, enjoy!

Commando VM: a full Windows-based penetration testing virtual machine distribution

Posted on July 17, 2019July 13, 2019 by Andrea Fortuna

Months ago, I published a post about Flare VM, a project by Fireeye/Mandiant researcher focused on the creation of a Windows-based security distribution for malware analysis.

Recently, Fireeye released a similar project: another windows-based distribution, but this time dedicated to penetration testing and red teaming, named Command VM.

Kali Linux is now available for Raspberry Pi 4!

Posted on July 10, 2019July 10, 2019 by Andrea Fortuna

Offensive Security has released an official version of Kali Linux for Raspberry Pi 4, the last (and most powerful) version of the compact computer board, released just two weeks ago with a 1.5 GHz 64-bit quad-core ARM Cortex-A72 processor and 4GB of RAM.