Application Mobile Network
Application

Developing Like A Pentester – (And How To Reproduce Any Vulnerability)

Application

Pentesting User Interfaces: How to Phish Any Chrome, Outlook, or Thunderbird User

In this blog post, we demonstrate how graphical user interfaces could be vulnerable to spoofing attacks by using certain Unicode characters.

Application

5 Tips for selecting a penetration testing company in 2020

Selecting a penetration testing company can be a pain. Here are five important tips to ensure you penetration testing vendor will set you up for success.

Network

Evading Antivirus with Better Meterpreter Payloads

Ever have meterpreter shells consistently fail? Anti-virus products may be causing your penetration tests to fall flat. By using unique encoded meterpreter shells you can avoid AV and elevate your penetration tests.

Application

Tale of a Wormable Twitter XSS

This is a tale of how we found a wormable XSS on Twitter, and how we managed to fully bypass its CSP policy.

Network

AWS Penetration Testing Part 2. S3, IAM, EC2

Unlike ACLs and bucket policies, IAM policies are targeted at IAM users/groups instead of S3 buckets and objects.