• Services
  • Blog
  • Knowledge Base
  • Contact

KNOWLEDGE BASE

Application Penetration Testing AWS Pentesting DevOps Security Encryption Network Penetration Testing Pentesting Fundamentals Windows Hardening

Application Penetration Testing

  • Username Enumeration
  • iOS Frida Objection Pentesting Cheat Sheet
  • URL Redirection – Attack and Defense
  • Jailbreaking iOS 13 with unc0ver
  • X-Runtime Header Timing Attacks
  • wkhtmltopdf File Inclusion Vulnerability
  • API Mass Assignment Vulnerability
  • Web Server TRACE Enabled

AWS Pentesting

  • ScoutSuite Quickstart
  • Protecting S3 buckets using IAM and KMS
  • Misconfigured S3 Bucket
  • S3 Storage Does Not Require Authentication

DevOps Security

  • Securing Travis CI

Encryption

  • SSH Weak MAC Algorithms Enabled
  • TLS 1.0 Initialization Vector Implementation Information Disclosure Vulnerability
  • OpenSSL ‘ChangeCipherSpec’ (CCS) MiTM Vulnerability
  • Null Ciphers Supported
  • ‘Export Ciphers’ Enabled

Network Penetration Testing

  • DNS Server Dynamic Update Record Injection
  • rlogin Service Enabled
  • Unauthenticated MongoDB – Attack and Defense
  • SNMP ‘GETBULK’ Denial of Service
  • Responder / MultiRelay Pentesting Cheatsheet
  • NTP Mode 6 Vulnerabilities
  • Cisco Information Disclosure (CVE-2014-3398 – CSCuq65542)
  • SSH Tunneling for Pentesters
  • .NET Handler Enumeration
  • TLS_FALLBACK_SCSV Not Supported
  • PHP Easter Eggs Enabled
  • MySQL Multiple Vulnerabilities
  • Debian Predictable Random Number Generator Weakness
  • Cisco IKE Fragmentation Vulnerability

Pentesting Fundamentals

  • Essential Wireshark Skills for Pentesting
  • Testing Cookie Based Session Management

Windows Hardening

  • Resolving “Windows NetBIOS / SMB Remote Host Information Disclosure” (2020)
  • Services
  • Blog
  • Knowledge Base
  • Contact
Looking for a better
penetration test?

Make an appointment with an expert today

    Request a meeting invite? (EDT)

    Contact ASAP3:00 PM Today4:00 PM Today1:00 PM Tomorrow3:00 PM TomorrowOther / Just Send Info