Ethical hackers protect you from non-ethical hackers.
The difference is not in the knowledge, but how the latter is used.
OSCP, OSWA and OSWP certified.
Only Linux servers, please.
No Windows, since I like to sleep tight at night.
PHP, C/C++ and Python are my favourites, but I can use almost any language from the assembly code on.
Any kind of device, even if nowadays most of the code runs on the Web.
Robotics is my passion.
And the best way to make it real is to create robots with raw components and bits!
the light side of cybersecurity
- IT Security
- Penetration test
- Post-attacks analysis
- Prevention, Detection, Forensics
- Social engineering
- OSCP, OSWA and OSWP certified.
ethical hacking and cybersecurity certifications
Offensive Security Certified Professional
An OSCP has demonstrated the ability to use persistence, creativity, and perceptiveness to identify vulnerabilities and execute organized attacks under tight time constraints. They can:
* Use information gathering techniques to identify and enumerate targets running various operating systems and services
* Write scripts and tools to aid in the penetration testing process
* Analyze, correct, modify, cross-compile, and port public exploit code
* Conduct remote, local privilege escalation, and client-side attacks
* Identify and exploit XSS, SQL injection, and file inclusion vulnerabilities in web applications
* Leverage tunneling techniques to pivot between networks
OSCP holders have also shown they can think outside the box while managing both time and resources.
Offensive Security Web Assessor
Offensive Security Web Assessors (OSWAs) have demonstrated the ability to assess web applications, discover web application vulnerabilities, and exploit vulnerabilities to exfiltrate sensitive data, compromise user accounts, and obtain remote code execution.
OSWAs can perform black box assessments of web applications, discover common web application vulnerabilities, exploit web application vulnerabilities using manual and automated techniques.
They are able to assist web development teams in securing web app by proactively discovering vulnerabilities.
Offensive Security Wireless Professional
OSWPs are able to identify existing encryptions and vulnerabilities in 802.11 networks. They can circumvent network security restrictions and recover the encryption keys in use. Skills learned include:
* Greater insight into wireless offensive security and expanded awareness of the need for real-world security solutions
* Using various wireless reconnaissance tools
* Implementing attacks against WPA Personal and Enterprise encrypted networks
* Understanding how to implement different rogue access point attacks
* Implementing attacks against Wireless Protected Setup (WPS) networks
* Using various tools to crack authentication hashes
* Implementing attacks against Captive Portals
The exam also demonstrates that OSWPs are able to perform under imposed time constraints.
- Web server (Linux, Apache, MySQL, PHP)
- Mail server (Postfix), DNS and so on...
- Routing, Firewalling and IT Security in general
- IPSec and SSL/TLS VPNs
- PBX server (Asterisk)
- Web hosting
giving a soul to bricks
- C, C++, Java, Assembly
- HTML, SQL, and so on...
- Web sites and Web applications
- Mobile devices
- Embedded devices (like POS, Arduino, Raspberry Pi)
- Microcontrollers (PIC, AVR, ARM)
robots, microcontrollers and PCBs
- Electronic circuits design
- Microcontroller-based circuits (PIC, AVR, ARM)
- Raw components
- Arduino, Raspberry Pi & Co.
- Printed Circuit Board design
- Robotic design
Any questions? Drop me an e-mail at wiz-at-wizlab.it.