Root detection and SSL pinning bypass As the mobile application pentesting is quite new, more and more people are trying to make this... 2022-2-1 15:0:0 | 阅读: 2116 | 收藏 | securitycafe.ro bypass pinning objection security reverse

Protecting Windows Credentials against Network Attacks Over the years I’ve seen a lot of misconfigurations or a lack of configurations when it comes t... 2021-12-02 16:30:12 | 阅读: 35 | 收藏 | securitycafe.ro windows network security attacker memory

How to get your first CVE When doing a Penetration testing exercise against Web applications, you will a... 2021-11-01 18:58:07 | 阅读: 52 | 收藏 | securitycafe.ro wordpress wp offload payload identify

Practical GraphQL attack vectors On a recent engagement, we found an instance of GraphQL on a server and I noticed that there are... 2021-10-01 16:50:33 | 阅读: 21 | 收藏 | securitycafe.ro database client nosql developers

Identifying vulnerabilities and potential victims IntroductionNowadays, the cybersecurity is becoming more and more importan... 2021-09-01 17:17:10 | 阅读: 41 | 收藏 | securitycafe.ro scraper malicious github machine

Introduction to Windows shellcode development – Part 1 – Security Café This article contains an overview of shellcode development techniques and th... 2019-07-02 13:44:40 | 阅读: 111 | 收藏 | securitycafe.ro shellcode machine windows memory strcpy

Introduction to Windows shellcode development – Part 2 – Security Café If you missed the first part of this series, where you can read about what i... 2019-07-02 13:44:37 | 阅读: 130 | 收藏 | securitycafe.ro memory loaded shellcode windows

Introduction to Windows shellcode development – Part 3 – Security Café If you missed the first two parts of this article, you can find in Part I w... 2019-07-02 13:44:22 | 阅读: 1024 | 收藏 | securitycafe.ro shellcode user32 exitprocess loadlibrary

Tricking blind Java deserialization for a treat During a black-box penetration test we encountered a Java web application w... 2017-11-03 15:46:17 | 阅读: 100 | 收藏 | securitycafe.ro payload whoami intruder

Robot hacking research Later this past month, our lab welcomed a very important individual: Robi th... 2017-09-22 13:34:45 | 阅读: 39 | 收藏 | securitycafe.ro robot network attacker servo

Phishy Basic Authentication prompts In one of our previous posts, we noted that a popular tool – Responder – use... 2017-09-06 23:21:52 | 阅读: 51 | 收藏 | securitycafe.ro php prompts 3rd

Going further with Responder’s Basic Authentication There are a good number of situations when we find ourselves abusing the LL... 2017-06-26 19:21:52 | 阅读: 32 | 收藏 | securitycafe.ro victim network responder nbt

Exploiting Timed Based RCE In a recent penetration testing project we encountered a situation where in... 2017-02-28 22:45:58 | 阅读: 43 | 收藏 | securitycafe.ro guessing python injection commix payload