Flying Securely: An Introduction to Drone SecurityÂ
Drones have rapidly emerged as a cutting-edge technology that has transformed various industries and everyday activities. These flying machines are equipped with advanced sensors, cameras, …
Learning to Reverse Engineer with GDB
What is Reverse Engineering? Reverse engineering means to break down an object into simpler constituent parts and learn about its internal workings. What is GDB? …
Unravelling the Layers of Client-Side SQL Injection Vulnerabilities in Mobile Applications
Introduction: In the dynamic landscape of web and mobile applications, security remains a paramount concern. In this blog, we will delve into the world of …
Navigating the Core Concepts: Basics of Active Directory Explained
Introduction : Embarking on a journey into the realm of Active Directory (AD) can be both exciting and overwhelming. In this blog series, we’ll unravel …
How to Intercept Thick Client TCP Traffic?
One of our recent assessments required us to pentest a thick client application, for which we needed to inspect the HTTP communication between the thick …
Exploring ways to exploit SSTI in Go FrameworksÂ
Server-Side Template Injection (SSTI) is one of the most common web vulnerabilities found in web applications and usually arises due to the dynamic generation of …
Code Diff Analysis for SetParent Infinite Recursion Bug
The previous article, Denial Of Service In Windows 11 22H2, described an infinite recursion bug triggered by a crafted SetParent WINAPI call in the Windows …
How OAuth Implicit Flow led to Hundreds of User Accounts Being Accessed?Â
Introduction In this article, I delve into the potential vulnerabilities of OAuth Implicit Flow, specifically in gaining unauthorized access to user accounts due to a …
Navigating the Depths of Deep Link Security
What is a deep link? Deep linking is the practice of embedding hyperlinks to specific content within a mobile application. This technique directs users to …
