On a recent engagement, we found an instance of GraphQL on a server and I noticed that there are not many articles describing the different
Category: General security
Identifying vulnerabilities and potential victims
Introduction Nowadays, the cybersecurity field is becoming more and more important in everyday life as technologies evolve continuously and more malicious people, hackers, want to
Phishy Basic Authentication prompts
In one of our previous posts, we noted that a popular tool – Responder – uses Basic Authentication prompts to harvest user credentials when they
Practical JSONP Injection
JSONP injection is a lesser known but quite widespread and dangerous vulnerability and it surfaced in the last years due to the high rate of
Penetration Testing in IT/ Security Assurance Projects
There are various cases when during an IT/ security assurance projects there are specific requirements to rely on penetration testing projects/ reports completed by a
Security Café 