About me

First of all I am a security enthusiast. I think I’ve always felt a strong attraction to everything related to  “security”, and it was therefore inevitable for me to approach this field.

I’m currently a BackTrack-Linux Developer (http://www.backtrack-linux.org/). Reading this blog, you will probably find many articles about lesser-known sides of this distribution.

I’m a Computer Science student at University of L’Aquila (Università degli studi dell’Aquila, http://www.univaq.it/).

You can find more information about my previous experiences in my LinkedIn page.

Some other accounts I use

Twitter account: http://twitter.com/crossbower_bt
LinkedIn Account: http://www.linkedin.com/pub/acri-emanuele/1b/127/6

Publications and documents

EXPLOITING ARM LINUX SYSTEMS An introduction, 31 January 2011
http://www.exploit-db.com/download_pdf/16151

NETWORK MANIPULATION IN A HEX FASHION An introduction to HexInject, September 2010
http://hexinject.sourceforge.net/hexinject_introduction.pdf

Presentations

Si apre la frontiera del Phishing 3.0?,  Gennaio 2010
Presented during Milan Security Summit 2010 (http://milano.securitysummit.it/)
Slides: sebug.net/paper/other/crossapp-present.pdf
Whitepaper: dl.packetstormsecurity.net/papers/general/crossapp-scripting.pdf

Tools and projects

GDB Python Utils, an utility library that provides additional functions to the standard GDB python scripting library. It also includes various tools, such as process communication sniffers and an in-memory fuzzer.
Project page: https://github.com/crossbowerbt/GDB-Python-Utils/

Hexinject, a versatile packet injector and sniffer, that provide a command-line framework for raw network access.
Project page: http://hexinject.sourceforge.net/

Complemento, a suite of security related network tools.
Project page: http://complemento.sourceforge.net/

Cymothoa, a stealth backdooring tool, that inject backdoor’s shellcode into existing processes.
Project page: http://cymothoa.sourceforge.net/

Aranea, a fast and clean DNS spoofing tool, regular expressions based.
Project page: https://github.com/TigerSecurity/aranea

PassiveNetwork, a windows/linux graphical program (QT4), to manipulate and forward TCP connections.
Project page: https://github.com/TigerSecurity/PassiveNetwork

DNSSet, a simple tool, to configure resolv.conf.
Project page: http://dnsset.sourceforge.net/

And some other scripts, patches and minor tools you can find in the blog…

Exploits and miscellanea

Various (Exploit-DB): http://www.exploit-db.com/author/?a=2100
Various (Packetstormsecurity): http://packetstormsecurity.org/search/?q=crossbower

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.