Introduction During a recent mobile application penetration test, I encountered a challenging scenario that many mobile security testers face nowadays: extracting APKs from applications installed
Category: Penetration Testing
An ex psychologist’s journey into Cyber Security
How it all started What if I told you that the machines with 99 percentage fail chance wouldn’t do it… but a human with 1
WinRAR RCE Vulnerability Spotlight: APT29’s Zero-Day Tactics
In early September 2023, APT29, a group affiliated with Russia’s SVR, targeted multiple embassy offices using a WinRAR vulnerability. Their cyberespionage aims hinted at geopolitical motives. Exploiting CVE-2023-38831, the attackers executed a phishing campaign using a deceitful PDF, demonstrating the critical role of cybersecurity awareness and regular software updates in preventing such attacks.
Can Someone Really Hack Traffic Lights?
We’ve all seen the scenes in movies or games where attackers hack traffic lights to set the colors to their liking, but could this scenario
Trench Tales: The College Account Takeover That Never Happened
A story of mass-discovery of LDAP Anonymous Binding leading to the account takeover of all members of a college. Explore the methodology, the challenges and the discoveries of this research project.
Remote Code Execution – Basics
In this blog post you will learn how to identify basic Remote Code Execution vulnerabilities and how to exploit them.Caution: Some payloads discussed here can
Security Café 