The are many resources out there that tap into the subject of Kubernetes Pentesting or Configuration Review, however, they usually detail specific topics and misconfigurations
Mobile Pentesting 101 – Bypassing Biometric Authentication
Android and iOS Fingerprint bypassing techniques. The article presents multiple biometric bypass methods, including Frida and objection.
Practical GraphQL attack vectors
On a recent engagement, we found an instance of GraphQL on a server and I noticed that there are not many articles describing the different
Exploiting Timed Based RCE
In a recent penetration testing project we encountered a situation where in order to prove exploitability and possible damage we had to exfiltrate data from
Scripting Metasploit for a Real-Life Pentest
During a recent internal penetration test, we got to the point where we had to search a lot of Windows machines for Domain Admin tokens.