Welcome!

Hey! I am Mattia, aka 0xbro.
This is my personal blog related to everything that surrounds ethical hacking, penetration testing, AppSec, CTFs, and other various cybersecurity stuff.
If you want to know more about me or want to get in touch, please visit the About Me page.

Recent writeups

• InfoSec Education - Let's talk about community with Meethack Torino
• InfoSec Education - How NOT to react to a responsible disclosure (CVE-2023-47444)
• InfoSec Education - Getting Started with GeoGuessr and OSINT (UMDCTF 2023)
• Android Hacking - How to set up an Android Penetration Testing Lab from scratch
• Web Hacking - WAF bypass and vulnerability chain exploiting parser differentials

Recent disclosures

• Authenticated Static Code Injections in OpenCart (CVE-2023-47444)
• Digital Private Vault (APK) - Subverting an (in)secure Android vault