Skip to main content

Thesis

Here I will keep track of the various projects I started or I am involved in some way.

Supervised Bachelor Thesis Projects

  • Title: purp: An Intercepting Proxy for Web Application Security Assessment
    • Description: Development of a commmand line lightweight intercepting proxy using python3 which can be used for web application pentesting and vulnerability assessment
    • Author: Cristian Regna
    • Link: purp
  • Title: Secure Programming with Rust
    • Description: A study of common vulnerabilities found in famous compiled system languages and how these can be solved either with good programming rules or with a modern system programming language, that is Rust
    • Author: Marco Arazzi
    • Link: secure-programming
  • Title: HoundSploit an advanced exploit search platform
    • Description: An advanced exploit search platform called Houndsploit has been developed this platform is web based and solves some of the problems given by searchsploit
    • Author: Nicolas Carolo
    • Link: houndsploit
    • Link: houndsploitbash
  • Title: A Natural Language Processing based Web Application Firewall
    • Description: A Web application firewall using natural language processing has been developed, this system takes advantage of google dorks and pentesting payloads to generate the dataset of queries, then queries are classified either into malicious or benign requests
    • Author: Matteo Goretti
    • Link: nlpwaf
  • Title: A Malware Static Analysis Platform for Machine Learning Pipelines
    • Description: A platform for the static analysis of binaries has been developed using python3. This platform is particularly useful to create csv files out of a set of binary files; hence it can be used in machine learning pipelines during the feature engineering phase.
    • Author: Alessandro Oberti
    • Link: pepper
  • Title: Hardening Helper Framework based on AppArmor
    • Description: A platform that can be used to help the hardening of operating systems using AppArmor has been developed. This platform allows a easier use and management of AppArmor allowing system administrators to easily manage the hardening of their operating system
    • Author: Andrea Guzzon
    • Link: a^2
    • Link to Notes: a^2-notes
  • Title: Automated Fuzzing Techniques for Web Application Security Assessments
    • Description: A python based fuzzer was developed to discover vulnerabilities during web application security assessments. The fuzzer was inspired by the Burp "Intruder" tool but leverages multi-threading to obtain faster performance with respect to the community edition of Burp. The project has a small codebase and it's fully open-source to allow other developers to easily write extensions or modify it
    • Author: Andrea Fecchio
    • Link: SpeedyFuzzer
  • Title: Identification and Detection of Network Attacks through Firewall Log Analysis
    • Description: A tool for the identificaction and detection of network attacks has been developed. The tool was developed in the python programming language and leverages iptables logs to provide further insights about what is happening on a network. The logs produced by the tool can assist the system administrator in the detection of malicious activities conducted by attackers and can be useful within incident handling operations.
    • Author: Lorenzo Mariani
    • Link: IPtables Log Analyzer
  • Title: Development of a framework for the management of hybrid virtual environments
    • Description: A framework for the management of hybrid virtual environments has been developed. "Hybrid" in this case means that VM-based and container-based virtualization technologies are mixed under a single management technology. This simplifies the setup e.g., within a single virtual network of containers and VMs to test/deploy software or to create virtual labs that can be used for different purposes. The framework is based on ruby and leverages technologies like vagrant, docker and virtualbox to provide hybrid environments which are based both on virtual machine and container technologies. The framework aims at simplifying the management of hydrid environments who have the advantages of both worlds.
    • Author: Fabio Pezzini
    • Link: Viagrup

For currently available thesis proposals, go here: Thesis Proposals