Antonio Francesco Sardella's Projects
WARNING: This app contains security vulnerabilities. AltoroJ is a sample banking J2EE web application. It shows what happens when web applications are written with consideration of app functionality but not app security. It's a simple and uncluttered platform for demonstrating and learning more about real-life application security issues.
Altoro Mutual OWASP ZAP Context file
WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2022-46169). Run it at your own risk!
WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2023-39362). Run it at your own risk!
This is a Python 2.7 script that can be used to solve RSA challenges in CTFs.
Bunch of CTF writeups.
This is a simple PHP script that can be used as a cookie grabber / session stealer. It uses MySQL to store data in a structured way.
Exploits the GitLab authenticated RCE vulnerability known as CVE-2022-2884.
This is a Python 2.7 script that can be used to launch massive 'appscan prepare' commands.
This is a Python 2.7 script that can be used to clone several Git repositories listed, by URL, in a text file.
This is a Java program that exploits the Spring Break vulnerability (CVE-2017-8046).
WARNING: This is a vulnerable application to test the exploit for the Spring Break vulnerability (CVE-2017-8046). Run it at your own risk!
This is a sort of Java port of the Python exploit at: https://www.exploit-db.com/exploits/41570/.
Minimal golang binding to V8
Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service.