Bio

Who am I: Francesco Soncina

Known as: phra

What do I do: Ethical Hacker & Red Teamer

Where am I: Amsterdam, NL

Certifications: OSCP, OSCE

CTF Team: d0nkeys @ HackTheBox

References

GitHub: https://github.com/phra

Linkedin: https://www.linkedin.com/in/phraa

Twitter: https://twitter.com/phraaaaaaa

Posts

• Jul 08, 2021: Process Creation is Dead, Long Live Process Creation — Adding BOFs Support to PEzor
• Feb 17, 2021: Generating Custom Cobalt Strike Artifacts with PEzor
• Oct 26, 2020: PEzor v2 — New Output Formats and Cobalt Strike Integration
• Jul 13, 2020: Designing and Implementing PEzor — an Open-Source Shellcode Injector and PE Packer
• Jun 02, 2020: Zero-Width Characters (ZWC) Fingerprinting — What is it and how can we protect?
• Apr 27, 2020: Old Tricks Are Always Useful: Exploiting Arbitrary File Writes w/ Accessibility Tools
• Feb 11, 2020: Metasploit CTF 2020 — 5 of Hearts Writeup — RISC-V Buffer Overflow with NX and Canary
• Feb 04, 2020: x0rro — A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2
• Jan 07, 2020: Cracking the Perimeter (CTP) and Offensive Security Certified Expert (OSCE) Guide
• Dec 18, 2019: Meterpreter + PPID Spoofing — Blending into the Target Environment
• Nov 15, 2019: x86 ASCII AND-SUB Encoder
• Nov 13, 2019: QuickZip 4.60 — Win10 WoW64 SEH Overflow Exploit
• Nov 04, 2019: CVE-2019-1414 — a Local Command Execution in Visual Studio Code
• Oct 07, 2019: We Don’t Need PowerShell.exe: Meterpreter Edition!
• Oct 03, 2019: Meterpreter + Donut = Reflectively and Interactively Executing Arbitrary Executables
• Sep 12, 2019: CVE-2019-10392 — Yet Another 2k19 Authenticated Remote Command Execution in Jenkins
• Aug 26, 2019: Exfiltrate Like a Pro: Using DNS over HTTPS as a C2 Channel
• Jul 11, 2019: Introducing Rustbuster — A Comprehensive Web Fuzzing and Content Discovery Tool
• Apr 15, 2019: Antimalware Scan Interface (AMSI) — A Red Team Analysis on Evasion
• Oct 30, 2018: Java Deserialization  —  From Discovery to Reverse Shell on Limited Environments
• May 29, 2018: How I exploited an arbitrary code execution vulnerability in fast-redact