Skip to content

Security Café

Security Research and Services

  • Things we do on a daily basis
    • Web Application Penetration Testing
    • Mobile Application Penetration Testing
    • Infrastructure Penetration Testing
    • Vulnerability Assessment
  • Contact
  • About

Tag: pentesting

A Complete Kubernetes Config Review Methodology

February 27, 2023 Stefan Tita

The are many resources out there that tap into the subject of Kubernetes Pentesting or Configuration Review, however, they usually detail specific topics and misconfigurations

Continue reading

Mobile Pentesting 101 – Bypassing Biometric Authentication

September 5, 2022 imorosan

Android and iOS Fingerprint bypassing techniques. The article presents multiple biometric bypass methods, including Frida and objection.

Continue reading

Practical GraphQL attack vectors

October 1, 2021 Sebastian Mihalache

On a recent engagement, we found an instance of GraphQL on a server and I noticed that there are not many articles describing the different

Continue reading

Exploiting Timed Based RCE

February 28, 2017 Pobereznicenco Dan

In a recent penetration testing project we encountered a situation where in order to prove exploitability and possible damage we had to exfiltrate data from

Continue reading

Scripting Metasploit for a Real-Life Pentest

March 25, 2015 Ionuț Ambrosie

During a recent internal penetration test, we got to the point where we had to search a lot of Windows machines for Domain Admin tokens.

Continue reading

Top Posts

  • Root detection and SSL pinning bypass
  • A Complete Kubernetes Config Review Methodology
  • Mobile Pentesting 101 - Bypassing Biometric Authentication
  • IoT Pentesting 101: How to Hack MQTT - The Standard for IoT Messaging
  • Practical Network Penetration Tester (PNPT): Real-life Penetration Testing exam - Tips & Tricks to pass the exam

Blog Stats

  • 297,931 hits

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 107 other subscribers

Categories

  • Active Directory (1)
  • Announcements (2)
  • Cloud Security (7)
    • aws (5)
    • Azure (1)
  • Conferences (4)
  • Embedded systems security (2)
    • IoT Pentesting (1)
  • Ethical Hacking (10)
  • General security (11)
  • IT Security Assurance (1)
  • IT Security Audit (2)
  • Metasploit (1)
  • Misc (14)
    • Code Review (1)
  • Mobile security (5)
  • Network security (4)
  • Operating systems (1)
  • Penetration Testing (15)
  • Pentest techniques (21)
  • Web security (10)
Blog at WordPress.com.
  • Follow Following
    • Security Café
    • Join 107 other followers
    • Already have a WordPress.com account? Log in now.
    • Security Café
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar
 

Loading Comments...