Welcome

Hi, I'm Luca! An Italian cybersecurity professional, born in 1996, hacking since 2007, and working in the field since 2018. FOSS enthusiast.

GitHub Projects: https://github.com/LucaReggiannini
Videos on YouTube: https://www.youtube.com/@lucareggiannini8516
Feel free to contact me on Linkedin: https://www.linkedin.com/in/luca-reggiannini/

Posts

DNS Reverse Shell using arbitrary domain names (google.com)
DNS Reverse Shell using arbitrary domain names (google.com)
In this video I obtain an interactive reverse shell on a test machine through a DNS tunnel. A custom C2 DNS server handles the agent’s queries and returns commands without being authoritative for the requested domain. This approach allows the use of arbitrary domain names, including legitimate-looking or even non-existent ones, helping the activity blend in with normal DNS traffic or mislead analysis. From a security perspective, this shifts the IOC from the queried domain to the DNS server.

11/04/2026
Reverse Shell without Internet access (COM Port & Rogue AP)
Reverse Shell without Internet access (COM Port & Rogue AP)
In this video I obtain an interactive reverse shell on a victim machine with no Internet access using an Android smartphone as a Wi-Fi Rogue Access Point connected to the Internet, an ESP8266 (Wi-Fi) USB device that appears as a virtual COM Port and forwards serial traffic through the Access Point and an ATtiny85 virtual keyboard that injects the bootstrap payload to enumerate COM ports, detect the ESP8266, and execute the reverse shell over that port

24/12/2025
Invisible Unicode Obfuscation: Beyond GlassWorm
A deep dive into the invisible Unicode obfuscation technique popularized by GlassWorm, extended to undocumented variants and unseen attack surfaces such as command lines and security logs.

18/12/2025