Pentesting IoT MQTT protocol on emulated environment deployed using mosquitto. Dictionary attacks, DoS, or exploiting dummy ICS Environments are presented.
Tag: Penetration Testing
Runtime Mobile Security (RMS) – How To Instrument Android Java Classes And Methods At Runtime
Runtime Mobile Security (RMS) is a powerful web interface powered by Frida that helps you manipulate Android and iOS Applications at Runtime.
Root detection and SSL pinning bypass
There are multiple methods to circumvent the client-side security that blocks the usage of the tested application in an unsafe environment such as Rooted or Jailbroken devices. Next, I will give you the top-most used methods for iOS and Android.
How to get your first CVE
When doing a Penetration testing exercise against Web applications, you will always come across to up-to-date WordPress instances. No public CVEs and no publicly known exploits for WordPress Core and WordPress Plugins. And yet, is the website really secure?
Practical GraphQL attack vectors
On a recent engagement, we found an instance of GraphQL on a server and I noticed that there are not many articles describing the different
Penetration Testing or Vulnerability Assessment – Which one should I choose?
In this post we will take a quick look at the differences between vulnerability assessment (VA) and penetration testing (PT). Furthermore, we’ll give a set of
Security Café 