Security Café

Security Research and Services


Author: imorosan

IoT Pentesting 101: How to Hack MQTT – The Standard for IoT Messaging

April 8, 2022 imorosan

Pentesting the IoT MQTT protocol in an emulated environment deployed using mosquitto. Dictionary attacks, DoS, and the exploitation of dummy ICS environments are presented.

Runtime Mobile Security (RMS) – How To Instrument Android Java Classes And Methods At Runtime

March 7, 2022 imorosan

Runtime Mobile Security (RMS) is a powerful web interface powered by Frida that helps you manipulate Android and iOS Applications at Runtime.

Root detection and SSL pinning bypass

February 1, 2022 imorosan

There are multiple methods to circumvent the client-side security that blocks the use of the tested application in an unsafe environment, such as rooted or jailbroken devices. Next, I will give you the most commonly used methods for iOS and Android.

How to get your first CVE

November 1, 2021 imorosan

When doing a penetration testing exercise against web applications, you will always come across up-to-date WordPress instances: no public CVEs and no publicly known exploits for WordPress Core and WordPress plugins. And yet, is the website really secure?

Identifying vulnerabilities and potential victims

September 1, 2021 imorosan

Introduction: Nowadays, the cybersecurity field is becoming more and more important in everyday life as technologies evolve continuously and more malicious people, so-called hackers, want
