Dock12 sorintlab

Dock12 is a port bar on Ceres Station in "The Expanse". This aims to be a place where people can chat (like in a bar) about topics related to security and more.

Organizations

An unpredictable XSS story

How an image compression feature can lead to XSS

XSS Wordpress PHP Created Mon, 08 May 2023 17:08:51 +0200 by Paolo Elia
Writeup: Speed-Rev Bots (HackPack CTF 2023)

A CTF writeup about solving 6 challenges in 5 minutes

angr Reverse engineering Created Wed, 26 Apr 2023 09:44:47 +0100 by Cesare Pizzi
Java insecure deserialization 101

A basic introduction to Java insecure deserialization and and how attackers can exploit this vulnerability to get RCE

Java Deserialization Gadgets chain Created Wed, 19 Apr 2023 12:49:53 +0200 by Luca Famà
Java Native Interface and its hidden threats

How interoperation between the JVM and native code can create security issues

Java JNI C Buffer overflow Created Mon, 13 Mar 2023 10:53:00 +0100 by Luca Famà
Thoughts about Yara rules

I decided to create a Yara rule to detect a malware: some things you may find useful about the process

Yara Shikitega Linux malware Reverse engineering Created Mon, 06 Feb 2023 13:35:47 +0100 by Cesare Pizzi
JavaScript prototype chain and security risks

What is a prototype in JavaScript and how this useful feature can lead to security risks

Javascript Prototype pollution Injection Created Fri, 03 Feb 2023 15:53:19 +0100 by Luca Famà

Dock12 sorintlab

Organizations

An unpredictable XSS story

Writeup: Speed-Rev Bots (HackPack CTF 2023)

Java insecure deserialization 101

Java Native Interface and its hidden threats

Thoughts about Yara rules

JavaScript prototype chain and security risks