For a long time, the adb backup command was the “Swiss Army Knife” for mobile pentesters. It allowed us to pull the private /data/data/ folder
Category: Penetration Testing
Mobile Pentesting 101: How to Pull APKs from Work Profile – A Real-World Intune Challenge
Introduction During a recent mobile application penetration test, I encountered a challenging scenario that many mobile security testers face nowadays: extracting APKs from applications installed
An ex psychologist’s journey into Cyber Security
How it all started What if I told you that the machines with 99 percentage fail chance wouldn’t do it… but a human with 1
WinRAR RCE Vulnerability Spotlight: APT29’s Zero-Day Tactics
In early September 2023, APT29, a group affiliated with Russia’s SVR, targeted multiple embassy offices using a WinRAR vulnerability. Their cyberespionage aims hinted at geopolitical motives. Exploiting CVE-2023-38831, the attackers executed a phishing campaign using a deceitful PDF, demonstrating the critical role of cybersecurity awareness and regular software updates in preventing such attacks.
Can Someone Really Hack Traffic Lights?
We’ve all seen the scenes in movies or games where attackers hack traffic lights to set the colors to their liking, but could this scenario
Trench Tales: The College Account Takeover That Never Happened
A story of mass-discovery of LDAP Anonymous Binding leading to the account takeover of all members of a college. Explore the methodology, the challenges and the discoveries of this research project.
Security Café 