This is the personal website of Egidio Romano, a very curious guy from Sicily, Italy. He's a computer security enthusiast, particularly addicted to webapp security.

Discover how to implement it with Arduino UNO, and what security measures can protect your system.

TCC on macOS isn't just an annoying prompt—it's the last line of defense between malware and your private data. Read this article to learn why.

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Smartbedded MeteoBridge. Learn about the risks and recommended actions.

At Mozilla, we consider security to be a paramount aspect of the web. This is why not only does Firefox have a long running bug bounty program but also mature ...

We showcase a critical vulnerability with the official GitHub MCP server, allowing attackers to access private repository data. The vulnerability is among the first discovered by Invariant's security analyzer for detecting toxic agent flows.

Explore the 12 best Docker alternatives in 2025. Compare tools for container orchestration, image building, runtime security, and resource optimization.

In this paper I will reveal the discovery of wide-spread cases of request tunnelling in applications powered by popular servers including IIS, Azure Front Door and AWS' application load balancer including the creation of a novel detection technique that combined…

A fast domain and typosquatting discovery tool

The Legit research team unearthed vulnerabilities in GitLab Duo.

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Evertz SDVN. Learn about the risks and recommended actions.

Woodpecker is an open-source tool that automates red teaming, making advanced security testing easier and more accessible. It helps teams find and fix

Executive SummaryAnalyzing transmission control protocol (TCP) SYN segments,

How a solo inventor, a storage experiment, and a refusal to accept “encrypted” as good enough led to a new kind of data defense.

Introduction
In this guide, we’ll walk step-by-step through building a fully functional internal che...

EclecticIQ and Hudson Rock researchers assess that Bitter APT very likely used stolen email credentials from Pakistan’s Counter Terrorism Department (CTD) to carry out the attack. The spear phishing campaign targeted PTCL personnel in critical roles, including…

This talk will introduce the deguard utility, allowing to bypass Intel BootGuard and enabling coreboot development on previously locked down platforms.

Scan and exploit vulnerable web applications at scale with XAttacker V50 Pro — fast, reliable, and powerful.

Posted by Equivalent-Elk-712 - 8 votes and 2 comments

This questionnaire is part of a research study examining security vulnerabilities in edge computing environments and exploring Ethereum-based blockchain solutions to address these issues.
Your responses are anonymous and will be used solely for academic research…