Android Application Assessment – Part III

August 7, 2024

Mobile pentests

This post covers some more android application specific attacks and tools which may further help you in pentesting your android app.

Continue Reading 

Resolve LetsEncrypt - Server only speaks HTTP, not TLS Error

August 7, 2024

Tools & Techniques

You can setup SSL on your website using LetsEncrypt. I have encountered a few times when you want to add new domain to the LetsEncrypt, it throws the following error.

Continue Reading 

Utilizing Metasploit Database in Network Pentest

August 7, 2024

Pentests

What’s the first thing come to your mind when you think of doing network pentest of over 1000 IPs in couple of weeks? Is it really possible? Answer is YES!!!

Continue Reading 

GraphQL Penetration Testing

August 7, 2024

Pentests

We have had a couple of penetration test engagements that involved GraphQL endpoints. At first, it looked complex and we sketched out the methodology and approach to perform the penetration test. Here’s how it went,

Continue Reading 

Android Pentesting with Genymotion and Burp

August 6, 2024

Mobile pentests

A quick blog post and reference guide to setup and getting started with Android application penetration testing.

Continue Reading 

Tools, Techniques & Processes: From Zero to Domain Administrator

August 6, 2024

Pentests

We recently performed an internal network penetration test for a large enterprise with up to 3 domains and 2000+ hosts. We had zero knowledge of the target network (as an attacker would have) and were placed onto the user VLAN with unauthenticated access.

Continue Reading 

Blog Categories