How I Reverse Engineered and Exploited a Smart Massager
I have been working with Bluetooth for quite some time. I chose to reverse engineer a smart device to prove how crazy is the security standard being implemented in these…
Authentication schemes in REST API
In this post we are going to discuss different authentication schemes which are generally used by web services (REST API) for authenticating a user/consumer. Before going forward lets have a…
IoT Security – Part 2 (101 – IoT Attack surface)
Internet of Things Attack surface Welcome! I hope you have gone through the previous blog post “IoT Security – Part 1” If not, I would urge you to go through it…
Automating IVR pentesting
A year ago, I got an opportunity to work on a project on IVR pentesting which involved the security assessment of a major financial IVR system. It’s not something many…
Vulnhub SickOs 1.2 – Walkthrough
In this blog, I’ll be solving Sick OS 1.2 machine posted by D4rk. The objective was to break into and read the flag kept under /root/7d03aaa2bf93d80040f3f22ec6ad9d5a.txt Attacker’s IP is 192.168.56.101 So lets start…