Stefano Armenes

Computer Science enthusiast. I got my B. Sc. degree in Computer Science on December 12, 2012 from Università degli Studi di Milano.

I have 13 years of experience in the IT industry.

Lately, I've been diving into cybersecurity, focusing on reverse engineering and binary exploitation.

I'm a on pwn.college:

  • ✅ 🟠 orange belt (cybersecurity and web exploit)
  • ✅ 🟡 yellow belt (reverse engineering, memory errors, shellcoding)
  • ✅ 🟢 green belt (race conditions, sandboxing, kernel security)
  • 🚧 🔵 blue belt (ROP, heap exploitation, file struct exploitation, kernel exploitation)

I completed the CPTS path on HackTheBox.

REVERSE ENGINEERING & EXPLOIT DEVELOPMENT

  • Disassembly & Decompilation: Ghidra, Binary Ninja
  • Debugging & Dynamic Analysis: GDB (with GEF/PEDA), WinDbg
  • Exploit Development: Python pwntools, ROPgadget, Ropper, OneGadget
  • File Analysis: objdump, strace, ltrace, checksec

TOOLS & TECHNOLOGIES

  • Recon & Enumeration: Nmap, FFUF / Gobuster
  • Brute-forcing & Credential Attacks: Hydra, Medusa
  • SQL Injection & Database Attacks: SQLMap
  • Network & Active Directory Attacks: Impacket toolkit, BloodHound, NetExec (formerly CrackMapExec)
  • Local & Remote Enumeration LinPEAS / WinPEAS, Evil-WinRM, SMBClient / SMBMap, Enum4Linux-NG
  • Kerberos Attacks & Post-Exploitation: Kerbrute, Rubeus, Mimikatz, PowerView
  • Password Cracking: John the Ripper, Hashcat
  • Metasploit framework

NETWORKING

  • Port forwarding & tunneling: SSH tunneling, local/remote port forwarding
  • Pivoting techniques: ProxyChains, Chisel, Ligolo-NG
  • Firewall evasion & bypassing restrictions

Blogposts (Misc about webdev)

Talks

Find me on

GitHub LinkedIn