Skip to content

Security Café

Security Research and Services

  • Things we do on a daily basis
    • Web Application Penetration Testing
    • Mobile Application Penetration Testing
    • Infrastructure Penetration Testing
    • Vulnerability Assessment
  • Contact
  • About

Author: Daniel Tomescu

Phishy Basic Authentication prompts

September 6, 2017 Daniel Tomescu

In one of our previous posts, we noted that a popular tool – Responder – uses Basic Authentication prompts to harvest user credentials when they

Continue reading

My experience with the OSCP certification

March 17, 2016 Daniel Tomescu

Hi there, Probably you’re here because you’re interested in obtaining the OSCP certification. Smart decision, good for you! Or maybe you are interested in obtaining a

Continue reading

Mobile penetration testing on Android using Drozer

July 8, 2015 Daniel Tomescu

Mobile phones have become an indispensable part of our daily life. We use mobile phones to communicate with our loved ones, for quick access to

Continue reading

Clickjacking in Firefox Hello

March 18, 2015 Daniel Tomescu

Clickjacking, the art of tricking users into clicking on links or buttons that no sane person would ever click on. But how much damage can you

Continue reading

Concerns regarding the security of biometric authentication

February 2, 2015 Daniel Tomescu

More and more gadgets that we use these days (smart phones, smart watches, etc) try to make a personal connection with the owner via his

Continue reading

Top Posts

  • Root detection and SSL pinning bypass
  • Pentesting Azure: RECON Techniques
  • Mobile Pentesting 101 - Bypassing Biometric Authentication
  • Practical Network Penetration Tester (PNPT): Real-life Penetration Testing exam - Tips & Tricks to pass the exam
  • Our DefCamp 2022 talks are here!

Blog Stats

  • 285,722 hits

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 106 other subscribers

Categories

  • Active Directory (1)
  • Announcements (1)
  • Cloud Security (4)
    • aws (4)
  • Conferences (4)
  • Embedded systems security (2)
    • IoT Pentesting (1)
  • Ethical Hacking (10)
  • General security (10)
  • IT Security Assurance (1)
  • IT Security Audit (2)
  • Metasploit (1)
  • Misc (16)
    • Code Review (1)
  • Mobile security (5)
  • Network security (3)
  • Operating systems (1)
  • Penetration Testing (13)
  • Pentest techniques (21)
  • Web security (10)
Blog at WordPress.com.
  • Follow Following
    • Security Café
    • Join 106 other followers
    • Already have a WordPress.com account? Log in now.
    • Security Café
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar
 

Loading Comments...