PhD students and Postdocs
We are constantly looking for motivated and talented PhD students and postdocs interested in these areas:
Please look at our recent publications to learn more about our areas of interest.
If you would like to know more, please send your questions to Giancarlo Pellegrino.
All applications must be submitted through the CISPA application system and contain:
It is recommended to submit PDF files only. Microsoft Office documents will be discarded.
To speed up the process, consider sending me a heads-up email about your submission at email@example.com.
Why submit boring applications?!
Is sending a bunch of PDFs via email too boring for you? Would you like to spice up your application a little bit? Say no more. I've got you covered!
Here is a challenge for you. This webpage is vulnerable! Your goal is to identify the vulnerability, write a vulnerability report called vuln_report.pdf, and attach it to your application email!
The report must convince me (the developer) of the problem and its potential risk. I recommend structuring the report as shown below. Solving the challenge is strongly recommended.
Insert the name of the vulnerability here
Describe the vulnerable behavior.
Describe how easily an attacker can exploit this vulnerability.
https://secwebdev.it/api/v1/delete_database is the web API that can wipe out a production database. Please include a proof of concept that can reliably exploit the vulnerability.
Please show me the importance of this vulnerability by finding an example of a similar vulnerability that affected at least one famous website in the past!