Skip to content

Security Café

Security Research and Services

  • Things we do on a daily basis
    • Web Application Penetration Testing
    • Mobile Application Penetration Testing
    • Infrastructure Penetration Testing
    • Vulnerability Assessment
  • Contact
  • About

Author: Daniel Tomescu

Phishy Basic Authentication prompts

September 6, 2017 Daniel Tomescu

In one of our previous posts, we noted that a popular tool – Responder – uses Basic Authentication prompts to harvest user credentials when they

Continue reading

My experience with the OSCP certification

March 17, 2016 Daniel Tomescu

Hi there, Probably you’re here because you’re interested in obtaining the OSCP certification. Smart decision, good for you! Or maybe you are interested in obtaining a

Continue reading

Mobile penetration testing on Android using Drozer

July 8, 2015 Daniel Tomescu

Mobile phones have become an indispensable part of our daily life. We use mobile phones to communicate with our loved ones, for quick access to

Continue reading

Clickjacking in Firefox Hello

March 18, 2015 Daniel Tomescu

Clickjacking, the art of tricking users into clicking on links or buttons that no sane person would ever click on. But how much damage can you

Continue reading

Concerns regarding the security of biometric authentication

February 2, 2015 Daniel Tomescu

More and more gadgets that we use these days (smart phones, smart watches, etc) try to make a personal connection with the owner via his

Continue reading

Top Posts

  • Root detection and SSL pinning bypass
  • Mobile Pentesting 101 - Bypassing Biometric Authentication
  • Introduction to AI Prompt Injections (Jailbreak CTFs)
  • Mobile Pentesting 101 - How to set up your Android Environment
  • Practical JSONP Injection

Blog Stats

  • 314,046 hits

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 119 other subscribers

Categories

  • Active Directory (2)
  • Announcements (2)
  • Cloud Security (8)
    • aws (6)
    • Azure (1)
  • Conferences (4)
  • Embedded systems security (2)
    • IoT Pentesting (1)
  • Ethical Hacking (11)
  • General security (11)
  • IT Security Assurance (1)
  • IT Security Audit (2)
  • Metasploit (1)
  • Misc (15)
    • Artificial Intelligence (1)
    • Code Review (1)
  • Mobile security (6)
  • Network security (4)
  • Operating systems (1)
  • Penetration Testing (17)
  • Pentest techniques (24)
  • Web security (10)
Blog at WordPress.com.
  • Follow Following
    • Security Café
    • Join 119 other followers
    • Already have a WordPress.com account? Log in now.
    • Security Café
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar
 

Loading Comments...