VoidSec CTF: Secure the Flag – Writeup

It has been a while since my last blog post, so I’m (finally) writing the write-up of the: VoidSec CTF Secure the flag. The CTF was made possible thanks to the sponsorship with Bitdefender that put some licenses for its product as a prize for the first three winners. This CTF was web based, no binary exploitation nor reverse engineering and/or crypto was involved. Before I dive into deep, let me explain what was the goal of this CTF...

Report: Ghost Blogging Platform

Advisory: VoidSec-15-001 Disclosure date: March 03, 2015 Vendor: Ghost Advisory sent: January 26, 2015 First delay: February 24,2015  

Download the Report


In Gennaio, il team VoidSec (voidsec, bughardy, smaury) ha realizzato un web application penetration test sulla piattaforma di blogging Ghost. Ghost è un nuovo content management system dedicato ai blogger che cercano un’alternativa a WordPress. Un crescente numero di utenti ha abbandonato i CMS tradizionali per abbracciare piattaforme più minimali, concentrate sulla lettura e la scrittura, essenziali; in questo Ghost è...