Venerdì Protetto | September 2024

What happened in the latest Venerdì Protetto?

Facile.it engineers Facile.it engineers avatar

2 minute read

The Venerdì Protetto retrospective: a way to grow together

After the summer break, we’re back with the much-anticipated Venerdì Protetto, a day when work pauses to make room for learning and discussion. During the September edition of Venerdì Protetto, we held a retrospective to gather feedback and ideas on how to make this initiative even more meaningful and engaging.


Why Venerdì Protetto is important

Venerdì Protetto is an opportunity for our IT department to come together, share knowledge, and cultivate new skills. It is a unique occasion to gain valuable insights into technical approaches and solutions through internal contributions, as well as to learn about other realities through external talks.

Venerdì Protetto | July edition

Trash to Treasure: A Waste of Time Hackathon!

Ana Radujko Ana Radujko avatar

2 minute read

Innovating for a cleaner tomorrow: our company hackathon experience

In today’s fast-paced tech landscape, innovation often thrives in unconventional environments. One such event that has gained popularity in recent years is the hackathon. A hackathon is a collaborative event that brings together people from different backgrounds to brainstorm and create innovative solutions to specific challenges, all within a limited timeframe. These events foster a culture of creativity, teamwork, and rapid problem-solving, making them invaluable for companies looking to harness the collective intelligence of their employees.

Venerdì Protetto | June edition

What happened in the last Facile.it Venerdì Protetto?

Facile.it engineers Facile.it engineers avatar

2 minute read

This page contains the abstracts of the talks held during the latest Venerdì Protetto on June 14, 2024.

Topics:


Big project management

What really matters?

by Stefano Bosio

Alt text for Image_a

This presentation explored the primary technical hurdles of managing large IT projects, including technical challenges, planning, time management, technical debt, documenting, testing, and rollout strategy.

Hack the Box Experience

How to prepare a white-box hacking workshop and live happily ever after

Alessio Giorgianni Alessio Giorgianni avatar Matteo Garza Matteo Garza avatar

2 minute read

After the successful experience of having a code challenge in March 2024, we decided to go further in delivering experiences to our colleagues.

Scouting around, I turned to Alessio Giorgianni, a developer with a passion for white hat hacking competition. We agree to try an experience using a platform called Hack the Box. Hack the Box Academy offers lots of information and training about IT Security and, in our case, some exercises we can use for hacking dummy applications, with a whitebox example (i.e., an example where all the code is undisclosed to us. There are also different kind of pentest). We agreed upon using a non-trivial quest, called Jerrytok. Jerrytok is a WAPT (Web App Penetration Testing) whitebox challenge. We got a simple web-application, written in PHP, which disclose the harm of using template engines in a not-proper way. It’s a good introduction to SSTI, Server Side Template Injection.