blog

Our Latest Blogs

Explore our latest blog posts and stay secure in a digital world.

GraphQL Penetration Testing
February 21, 2022
Pentests

We have had a couple of penetration test engagements that involved GraphQL endpoints. At first, it looked complex and we sketched out the methodology and approach to perform the penetration test. Here’s how it went,

Bypassing Certificate Pinning with Frida on Android Device
February 14, 2022
Mobile pentests

Modern-day mobile applications implement additional levels of security controls that prevent an attacker from intercepting the content for the HTTPS connection. Such implementation won’t allow common proxy tools to intercept and log the application traffic.

Leveraging Log4j Exploit to Domain Administrator
January 11, 2022
Pentests

We recently performed another internal network assessment with the goal to gain Domain Administrator access on the target network. We had unauthenticated access to the network, i.e. unauthorized user or an internal attacker onto the user LAN.

Tools, Techniques & Processes: From Zero to Domain Administrator
November 24, 2021
Pentests

We recently performed an internal network penetration test for a large enterprise with up to 3 domains and 2000+ hosts. We had zero knowledge of the target network (as an attacker would have) and were placed onto the user VLAN with unauthenticated access.

Keeping up with the best at the CHCon Hacker Conference
November 11, 2021
Events & Awards

Purple Teams, cables and continuous assurance; CHCon took place on November 5-6 in Christchurch in the historic Main Hall at the Arts Centre heritage site. Blacklock was proud to be a Bronze sponsor.

Agile Penetration Testing: What, Why & How?
October 29, 2021
PTaaS

Agile methodologies in software development have accelerated in recent years, helping businesses provide value to customers much faster. This approach takes an interactive approach to software development, where products are developed in small iterations throughout the entire process.

Subscribe to our newsletter

Join our newsletter today and enhance your knowledge with valuable insights. It's quick, easy, and free!

Be a Team Player
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.