Introduction During a recent mobile application penetration test, I encountered a challenging scenario that many mobile security testers face nowadays: extracting APKs from applications installed
Category: Pentest techniques
How to Install .ipa Files on iPhone Without Jailbreak
Unlock the untapped potential of your iPhone with our step-by-step guide to installing .ipa files using Apple Configurator 2. Say goodbye to the limitations of the App Store and discover how to expand your iOS experience effortlessly. Dive into the world of digital empowerment and customization today!
WinRAR RCE Vulnerability Spotlight: APT29’s Zero-Day Tactics
In early September 2023, APT29, a group affiliated with Russia’s SVR, targeted multiple embassy offices using a WinRAR vulnerability. Their cyberespionage aims hinted at geopolitical motives. Exploiting CVE-2023-38831, the attackers executed a phishing campaign using a deceitful PDF, demonstrating the critical role of cybersecurity awareness and regular software updates in preventing such attacks.
Trench Tales: The College Account Takeover That Never Happened
A story of mass-discovery of LDAP Anonymous Binding leading to the account takeover of all members of a college. Explore the methodology, the challenges and the discoveries of this research project.
Remote Code Execution – Basics
In this blog post you will learn how to identify basic Remote Code Execution vulnerabilities and how to exploit them.Caution: Some payloads discussed here can
IAMActionHunter in action
Let’s take a look at the latest cloud tool published by Rhino Security Labs: IAMActionHunter. Here I will detail the practical approach I took during
Security Café 