Bio
Who am I: Francesco Soncina
Known as: phra
What do I do: Ethical Hacker & Red Teamer
Where am I: Amsterdam, NL
Certifications: OSCP, OSCE
CTF Team: d0nkeys @ HackTheBox
References
GitHub: https://github.com/phra
Linkedin: https://www.linkedin.com/in/phraa
Twitter: https://twitter.com/phraaaaaaa
Posts
- Jul 08, 2021: Process Creation is Dead, Long Live Process Creation — Adding BOFs Support to PEzor
- Feb 17, 2021: Generating Custom Cobalt Strike Artifacts with PEzor
- Oct 26, 2020: PEzor v2 — New Output Formats and Cobalt Strike Integration
- Jul 13, 2020: Designing and Implementing PEzor — an Open-Source Shellcode Injector and PE Packer
- Jun 02, 2020: Zero-Width Characters (ZWC) Fingerprinting — What is it and how can we protect?
- Apr 27, 2020: Old Tricks Are Always Useful: Exploiting Arbitrary File Writes w/ Accessibility Tools
- Feb 11, 2020: Metasploit CTF 2020 — 5 of Hearts Writeup — RISC-V Buffer Overflow with NX and Canary
- Feb 04, 2020: x0rro — A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2
- Jan 07, 2020: Cracking the Perimeter (CTP) and Offensive Security Certified Expert (OSCE) Guide
- Dec 18, 2019: Meterpreter + PPID Spoofing — Blending into the Target Environment
- Nov 15, 2019: x86 ASCII AND-SUB Encoder
- Nov 13, 2019: QuickZip 4.60 — Win10 WoW64 SEH Overflow Exploit
- Nov 04, 2019: CVE-2019-1414 — a Local Command Execution in Visual Studio Code
- Oct 07, 2019: We Don’t Need PowerShell.exe: Meterpreter Edition!
- Oct 03, 2019: Meterpreter + Donut = Reflectively and Interactively Executing Arbitrary Executables
- Sep 12, 2019: CVE-2019-10392 — Yet Another 2k19 Authenticated Remote Command Execution in Jenkins
- Aug 26, 2019: Exfiltrate Like a Pro: Using DNS over HTTPS as a C2 Channel
- Jul 11, 2019: Introducing Rustbuster — A Comprehensive Web Fuzzing and Content Discovery Tool
- Apr 15, 2019: Antimalware Scan Interface (AMSI) — A Red Team Analysis on Evasion
- Oct 30, 2018: Java Deserialization — From Discovery to Reverse Shell on Limited Environments
- May 29, 2018: How I exploited an arbitrary code execution vulnerability in fast-redact