Category: Blog

In this post we are going to discuss different authentication schemes which are generally used by web services (REST API) for authenticating a user/consumer. Before going forward lets have a…

Internet of Things Attack surface Welcome! I hope you have gone through the previous blog post “IoT Security – Part 1” If not, I would urge you to go through it…

A year ago, I got an opportunity to work on a project on IVR pentesting which involved the security assessment of a major financial IVR system. It’s not something many…

In this blog, I’ll be solving Sick OS 1.2 machine posted by D4rk. The objective was to break into and read the flag kept under /root/7d03aaa2bf93d80040f3f22ec6ad9d5a.txt Attacker’s IP is 192.168.56.101 So lets start…

In this write-up, will be showing the steps to take root access on Stapler machine created by g0tmi1k. All the VM related details can be checked on here. 1. First I tried…

We’ll be solving Kioptrix VM Challenges/games in here. According to the Kioptrix website the purpose of these games are to learn the basic tools and techniques in vulnerability assessment and…

Have you ever wondered as what happens when you turn on your mobile phone? How does it communicate to the network in a secure manner? Almost all of us would…

In the last blog, we learnt how to do passive sniffing of gsm data using a RTL-SDR. I don’t wanna get much into what can be further done with passive analysis…

Automating Stuff with Python What is Automation? The use of any machine or computer to perform your task efficiently and in very less time can be termed as automation. Why do we need…