Skip to content
Home
About Us
Services
Application Security
Web Application Penetration Testing
API Penetration Testing
Mobile Application Penetration Testing
Source Code Reviews
Threat Modeling
Architecture Reviews
Infrastructure Security
Internal Network Penetration Testing
External Network Penetration Testing
Active Directory Security Assessments
Wireless Network Penetration Testing
Host Reviews
Firewall Configuration Reviews
Cloud Security
Cloud Configuration Reviews
Cloud Penetration Testing
Adversary Simulations
Red Teaming
Purple teaming
OSINT
Phishing Simulations
DevSecOps
Container Security
Kubernetes configuration reviews
Other
Managed Vulnerability Scanning
PCI DSS Security Assessments
Hardware Security Assessments
Smart Contracts Security Assessments
Academy
Advisory
Blog
Media
Podcasts
Videos
Contact Us
Home
About Us
Services
Application Security
Web Application Penetration Testing
API Penetration Testing
Mobile Application Penetration Testing
Source Code Reviews
Threat Modeling
Architecture Reviews
Infrastructure Security
Internal Network Penetration Testing
External Network Penetration Testing
Active Directory Security Assessments
Wireless Network Penetration Testing
Host Reviews
Firewall Configuration Reviews
Cloud Security
Cloud Configuration Reviews
Cloud Penetration Testing
Adversary Simulations
Red Teaming
Purple teaming
OSINT
Phishing Simulations
DevSecOps
Container Security
Kubernetes configuration reviews
Other
Managed Vulnerability Scanning
PCI DSS Security Assessments
Hardware Security Assessments
Smart Contracts Security Assessments
Academy
Advisory
Blog
Media
Podcasts
Videos
Contact Us
Blog
Home
/ Blog
09
Aug
August 09, 2024
ChatGPT for Pen Testing (Pt. 2)
01
Aug
August 01, 2024
Security Advisory: Multiple Vulnerabilities in Syrotech Router
23
Jul
July 23, 2024
Cyber Security Training
23
Jul
July 23, 2024
Introduction to Assembly Language
23
Jul
July 23, 2024
Asus RT N12 + B1’s Privilege Escalation CVE-2024-28326
19
Jul
July 19, 2024
A Guide to Server-Side Template Injection (SSTI)
15
Jun
June 15, 2024
Getting started with hardware hacking- essential tools
15
Jun
June 15, 2024
Using the Ch341A Programmer and ESP-01 Module to jazz up firmware!
14
Jun
June 14, 2024
EXPLIoT: Framework for exploiting IoT products
14
Jun
June 14, 2024
Flying Secure- A Comprehensive Guide to the Nabhyaan Drone
13
Jun
June 13, 2024
Security Advisory – Multiple Vulnerabilities in LB-link BL-W1210M Router
12
Jun
June 12, 2024
Domain Trusts- A Comprehensive Exploitation Guide
10
Jun
June 10, 2024
Car Hacking- The New Frontier in Cybersecurity
06
Jun
June 06, 2024
Security Advisory – Multiple Vulnerabilities in Netgear WNR614 Router
04
Jun
June 04, 2024
Analyzing Firmware and Extracting Filesystem
02
Jun
June 02, 2024
Strategies for Small and Mid-Sized Businesses (SMBs)
31
May
May 31, 2024
Using Win32 API with Rust
24
May
May 24, 2024
Digisol DG GR1321’s Password Storage in Plaintext CVE-2024-4232
24
May
May 24, 2024
Digisol DG GR1321’s Improper Access Control CVE-2024-4231
22
May
May 22, 2024
Digisol DG GR1321’s Password Policy Bypass CVE-2024-2257
15
May
May 15, 2024
Asus RT N12 + B1’s Insecure Credential Storage CVE-2024-28327
10
May
May 10, 2024
Understanding Active Directory Certificate Services (AD CS)
07
May
May 07, 2024
Asus RT N12 + B1’s CSV Injection CVE-2024-28328
22
Apr
April 22, 2024
Tenda N300 F3 Router Password Policy Bypass Vulnerability
22
Apr
April 22, 2024
Abusing Active Directory Certificate Services: A Comprehensive Guide
19
Apr
April 19, 2024
Understanding Buffer Overflow: Protecting Systems from Vulnerabilities
10
Apr
April 10, 2024
Master Wi-Fi Connectivity with NodeMCU: Unleashing the Power of Wi-Fi Wizardry
01
Apr
April 01, 2024
Unleashing the Potential of Certificates for Privilege Escalation
14
Mar
March 14, 2024
Zero Day in Xbox Privilege Escalation using Gaming ServiceEoP
13
Mar
March 13, 2024
Leveraging Win32 APIs in C# using Platform Invokation(P/Invoke)
12
Mar
March 12, 2024
Unveiling Moniker Link (CVE-2024-21413): Navigating the Latest Cybersecurity Landscape
22
Feb
February 22, 2024
Process Injection: Harnessing the Power of Shellcode
19
Feb
February 19, 2024
Decoding the Mystery: Identifying Unlabelled UART Pins
14
Feb
February 14, 2024
Securing Web Uploads: Extension Denylisting
12
Feb
February 12, 2024
Decoding I2C: Mastering the Communication Protocol
08
Feb
February 08, 2024
Subdomain Enumeration: Leveraging Web Architecture’s Power
07
Feb
February 07, 2024
Exploring the Fundamentals of Rust Programming
02
Feb
February 02, 2024
Unveiling Vulnerabilities: Exploring SWD Attack Surface in Hardware
01
Feb
February 01, 2024
JWT: A Deep Dive into Algorithm Confusion
25
Jan
January 25, 2024
Decoding JTAG: Unveiling and Validating Headers on Your Device
24
Jan
January 24, 2024
Introduction to EDR Evasion: API Hooking
20
Jan
January 20, 2024
Hardware Hacking for IoT Devices – Offensive IoT Exploitation
18
Jan
January 18, 2024
JTAG Security: Unlocking the Potential of Hardware Hacking
02
Jan
January 02, 2024
Securing AWS: Importance of Penetration Testing & Best Practices
29
Dec
December 29, 2023
Hacking Wireless Doorbells
28
Dec
December 28, 2023
Understanding BLE and ZigBee Protocols
25
Dec
December 25, 2023
Exploring Hardware Hacking as an Approach to IoT Security
23
Dec
December 23, 2023
10 Reasons Why Pen Testing Should Be a Priority
20
Dec
December 20, 2023
Pen Testing: Strengthening Your Cybersecurity Defenses
19
Dec
December 19, 2023
Pen Test vs. Vulnerability Assessment: Key Differences
15
Dec
December 15, 2023
Redfox Security is now SOC 2 Type 2 Compliant
14
Dec
December 14, 2023
Understanding XML External Entity Injection (XXE) Attacks
12
Dec
December 12, 2023
Windows Antivirus Evasion – Part 1
11
Dec
December 11, 2023
Understanding the Pen Test Program Life Cycle
09
Dec
December 09, 2023
Intercepting Implicit Intent to Load Arbitrary URL
06
Dec
December 06, 2023
7 Essential Steps for Crafting an Effective Yearly Pen Test Plan
28
Nov
November 28, 2023
Network Penetration Testing: Essential Tips from a Seasoned Pen Tester
23
Nov
November 23, 2023
Exploiting Weak ACLs on Active Directory Certificate Templates: ESC4
22
Nov
November 22, 2023
A Guide to Pen Testing in the Azure AD Environment
21
Nov
November 21, 2023
Web Cache Poisoning: A Comprehensive Guide to Protecting Your Website
20
Nov
November 20, 2023
7 Essential Steps for an Effective Yearly Penetration Testing Plan
16
Nov
November 16, 2023
Cross-Site Request Forgery (CSRF) for Pen Testers
31
Oct
October 31, 2023
HTTP Parameter Pollution: Manipulating Web App Vulnerabilities
30
Oct
October 30, 2023
Unlocking Azure AD Security Secrets: A Comprehensive Guide
27
Oct
October 27, 2023
Understanding and Securing Amazon Cognito: A Comprehensive Guide
23
Oct
October 23, 2023
PrintNightmare: The Vulnerability That Shook Windows Systems
14
Oct
October 14, 2023
WebSocket Hijacking: Exploiting Vulnerabilities and Ensuring Security
13
Oct
October 13, 2023
How Penetration Testing Protects Healthcare from Cyber Threats
09
Oct
October 09, 2023
An In-depth Exploration into WebClient Abuse
07
Oct
October 07, 2023
Dumping Android Application Memory
03
Oct
October 03, 2023
Protecting Android Clipboard Content
25
Sep
September 25, 2023
iOS Pen Testing with Objection
21
Sep
September 21, 2023
Exploring Native Modules in Android with Frida
15
Sep
September 15, 2023
Understanding File Upload Vulnerabilities
14
Sep
September 14, 2023
Terminal Multiplexing: Hijacking Tmux Sessions
09
Sep
September 09, 2023
Preventing Exploitation of Deep Links
06
Sep
September 06, 2023
How to Exploit Android Activities?
04
Sep
September 04, 2023
Exploiting Linux Capabilities: CAP_SYS_MODULE
01
Sep
September 01, 2023
Deciphering the Threat of Tabnabbing Attacks
31
Aug
August 31, 2023
Exploring the Latest iOS Pentesting Tools and Techniques
30
Aug
August 30, 2023
Havoc C2 Framework
24
Aug
August 24, 2023
Key Principles of a Zero-Trust Cybersecurity Framework
19
Aug
August 19, 2023
Exploiting Misconfigured Active Directory Certificate Template – ESC1
16
Aug
August 16, 2023
Understanding Intent Injection Vulnerabilities in Android Apps
31
Jul
July 31, 2023
GPO Abuse
27
Jul
July 27, 2023
Introduction to C2 Frameworks
25
Jul
July 25, 2023
Abusing ACL Misconfigurations
24
Jul
July 24, 2023
Discovering Internet Accessible Devices with Shodan
22
Jul
July 22, 2023
The Importance of Vulnerability Scans and Pen Testing
22
Jul
July 22, 2023
Power of Covenant C2 Framework
21
Jul
July 21, 2023
DOM-Based Cross-Site Scripting
21
Jul
July 21, 2023
Defending Against Phishing Attacks
19
Jul
July 19, 2023
Understanding CRLF Injection Attacks
18
Jul
July 18, 2023
Exploiting MS SQL Servers
17
Jul
July 17, 2023
BloodHound Cheat Sheet
15
Jul
July 15, 2023
Resource-Based Constrained Delegation (RBCD) Attack
15
Jul
July 15, 2023
AS-REP Roasting
13
Jul
July 13, 2023
Exploiting Active Directory Certificate Services (AD CS)
13
Jul
July 13, 2023
A Comprehensive Guide to Android Penetration Testing
11
Jul
July 11, 2023
What is Objective-Based Penetration Testing?
10
Jul
July 10, 2023
Pen testing vs Bug Bounty
08
Jul
July 08, 2023
Maximizing Active Directory Security: Tips and Best Practices
07
Jul
July 07, 2023
How OSINT Can Revolutionize Your Information Gathering
06
Jul
July 06, 2023
Mastering Scoping: The Key to Effective Penetration Testing
04
Jul
July 04, 2023
Cost-Effective Penetration Testing
01
Jul
July 01, 2023
Exploiting Excessive Container Capabilities
29
Jun
June 29, 2023
Understanding False Positives in Penetration Testing
26
Jun
June 26, 2023
Penetration Testing Costs: Exploring Four Key Elements
20
Jun
June 20, 2023
Mastering Burp Suite Extension Development
16
Jun
June 16, 2023
What is LLMNR Poisoning and How to Avoid It
14
Jun
June 14, 2023
Cyber Resilience: Essential Steps and Strategies for Effective Penetration Testing
03
Jun
June 03, 2023
6 Proven Tips to Protect Your Business from Cyber Threats
01
Jun
June 01, 2023
How to Find and Fix SMB Signing Disabled Vulnerability
26
May
May 26, 2023
The Ultimate Checklist for Your Penetration Testing Report
24
May
May 24, 2023
Importance of Good Scoping in Penetration Testing
20
May
May 20, 2023
Cybersecurity Challenges Facing Small Businesses Today
19
May
May 19, 2023
How Weak Passwords in Active Directory Put Your Business at Risk
19
May
May 19, 2023
Zero-Day Vulnerabilities and Attacks: How to Secure Your Business
18
May
May 18, 2023
Why Pen Testing is Critical in the Fight Against Ransomware
18
May
May 18, 2023
Insecure Volume Mounts in Docker
16
May
May 16, 2023
Top Cybersecurity Trends to Watch in 2023
16
May
May 16, 2023
Zero Trust Security: Rethinking Network Perimeters in the Modern Era
15
May
May 15, 2023
The Importance of Regular Active Directory Security Audits
15
May
May 15, 2023
How to Safeguard Yourself from Password Spraying Attacks
13
May
May 13, 2023
5 Quick Wins to Ace Your Next Penetration Test
10
May
May 10, 2023
What is Purple Teaming?
05
May
May 05, 2023
Choosing the Best Penetration Testing Services
01
May
May 01, 2023
Red Team vs Blue Team Key Differences
27
Apr
April 27, 2023
Penetration Testing Vs Red Teaming
21
Apr
April 21, 2023
Azure Privilege Escalation Via Service Principal
11
Apr
April 11, 2023
Introduction to IoT Security
07
Apr
April 07, 2023
Docker Hardening Best Practices
07
Apr
April 07, 2023
Attacking Kubernetes (Part 1)
29
Mar
March 29, 2023
6 ways Data Breaches Can Strike Your Brand Value
28
Mar
March 28, 2023
Kerberos Attacks (Part 2)
02
Mar
March 02, 2023
Attacking Kerberos Delegation
03
Feb
February 03, 2023
Buffer Overflow Basics
31
Dec
December 31, 2022
Exploiting MySQL Service
22
Dec
December 22, 2022
Android Webview Vulnerabilities
21
Dec
December 21, 2022
Kerberos Attacks- Part 1
19
Dec
December 19, 2022
Dependency Confusion Attack and its Mitigation
06
Dec
December 06, 2022
Seven Common Web App Vulnerabilities
05
Dec
December 05, 2022
Why Healthcare Industry Needs Pentesting?
28
Nov
November 28, 2022
Windows UAC Bypass
21
Nov
November 21, 2022
What is PCI DSS Pentesting?
17
Nov
November 17, 2022
A Complete Guide to Phishing Simulation with Gophish
05
Nov
November 05, 2022
Integer Overflow in Smart Contract
04
Nov
November 04, 2022
Exploiting Broadcast Receivers
26
Oct
October 26, 2022
Exploiting Content Providers
18
Oct
October 18, 2022
OSINT with Maltego
15
Oct
October 15, 2022
Android Pentesting with Drozer
07
Oct
October 07, 2022
Introduction to OSINT
26
Sep
September 26, 2022
IPV6 DNS Takeover
26
Sep
September 26, 2022
Active Directory Basics
21
Sep
September 21, 2022
Blockchain 101
11
Sep
September 11, 2022
JWT Authentication Bypass
03
Sep
September 03, 2022
Insecure Deserialization in Java
21
Aug
August 21, 2022
Intro to Software Reverse Engineering (Part 3)
13
Aug
August 13, 2022
Intro to Software Reverse Engineering (Part 2)
12
Aug
August 12, 2022
Insecure Deserialization in Python
08
Aug
August 08, 2022
Intro to Software Reverse Engineering – Part 1
03
Aug
August 03, 2022
Insecure Deserialization in PHP
26
Jul
July 26, 2022
Sensitive Data Exposure in Local Storage IOS
24
Jul
July 24, 2022
IOS Architecture
03
Jul
July 03, 2022
Re-entrancy attacks in smart contracts
01
Jul
July 01, 2022
Intro to BEFF Framework
23
Jun
June 23, 2022
Bypass SSL Pinning on IOS Application
13
Jun
June 13, 2022
Android Tapjacking Vulnerability
06
Jun
June 06, 2022
PLC Hacking (Pt. 2)
06
Jun
June 06, 2022
IOS Jailbreaking
31
May
May 31, 2022
PLC Hacking (Pt. 1)
26
May
May 26, 2022
Broken Cryptography in Android Applications
20
May
May 20, 2022
Raspberry PI Pentest Dropbox
17
May
May 17, 2022
Android Pentesting Methodology (Pt. 3)
08
May
May 08, 2022
Android Pentesting Methodology (Pt. 2)
06
May
May 06, 2022
Purdue Model for OT Security
06
May
May 06, 2022
Android Pentesting Methodology (Pt. 1)
05
May
May 05, 2022
Why Start-ups need Penetration Testing?
01
May
May 01, 2022
Hacking Electron Apps
30
Apr
April 30, 2022
Vlan Hopping
28
Apr
April 28, 2022
Vulnerability Scanning Vs Penetration Testing
25
Apr
April 25, 2022
Why do we need a Web App Pen test
23
Apr
April 23, 2022
Top 5 Reasons Why You Need a Penetration Test
22
Apr
April 22, 2022
Android Root Detection Bypass Using Bypass
21
Apr
April 21, 2022
WI-FI Hacking (Pt. 2)
20
Apr
April 20, 2022
SSL Pinning Bypass for Android using Frida
16
Apr
April 16, 2022
Misconfigured Amazon S3 Buckets
15
Apr
April 15, 2022
NGINX Zero-Day Vulnerability 1
14
Apr
April 14, 2022
Benefits of Penetration Testing
13
Apr
April 13, 2022
Wifi Hacking (Pt.1)
13
Apr
April 13, 2022
Spring4Shell Vulnerability
09
Apr
April 09, 2022
Hacking GraphQL (Part 3)
07
Apr
April 07, 2022
Server-Side Request Forgery
06
Apr
April 06, 2022
Antivirus Evasion (Part 2)
05
Apr
April 05, 2022
Hacking GraphQL Part 2
03
Apr
April 03, 2022
No SQL Injection
02
Apr
April 02, 2022
Antivirus Evasion (Part 1)
25
Mar
March 25, 2022
Hacking GraphQL Part 1