PLC Hacking (Pt. 1)

PLC Hacking (Pt. 1)

PLC Hacking (Pt. 1) May 31, 2022 ICS Security Redfox Security Team Programmable Logic Controllers (PLCs) are industrial computers used to control different electro-mechanical processes for use in manufacturing, plants, or other automation environments. PLCs can range from small modular devices with tens of inputs and outputs (I/O) in a housing integral with the processor, […]

Broken Cryptography in Android Applications

Broken Cryptography in Android Applications

Broken Cryptography in Android Applications May 26, 2022 Android Redfox Security Team In this blog we are going to discuss Broken Cryptography in Android Applications. When application developers wish to use encryption in their apps, they have to be aware of broken cryptography attacks. This blog discusses how vulnerabilities caused by faulty encryption might be […]

Raspberry PI Pentest Dropbox

Raspberry PI Pentest Dropbox

Raspberry PI Pentest Dropbox May 20, 2022 Hardware Hacking Redfox Security Team There are situations where On-site penetration testing is not always feasible. It’s better to go for a remote “pentest dropbox” in such cases. The pentest dropbox, in this context, is a Raspberry Pi 4 which is shipped to a remote customer/client. The client […]

Android Pentesting Methodology (Pt. 3)

Android Pentesting Methodology (Pt. 3)

Android Pentesting Methodology (Pt. 3) May 17, 2022 Android Redfox Security Team Part 1 of “Android Pentesting Methodology” covered Android architecture. Part 2 covered APKs, basic app reversing, and popular debugging tools. In this blog post (part 3 of the same series), we will examine static analysis and dive into the inner workings of the […]

Android Pentesting Methodology (Pt. 2)

Android Pentesting Methodology (Pt. 2)

Android Pentesting Methodology (Pt. 2) May 08, 2022 Android Redfox Security Team In part 1 of the “Android Pentesting Methodology” series, we briefly discussed the Android architecture. In part 2 of the same series, we’re going to explore what APKs are, start reversing Android applications and discuss popular debugging tools.  Android is a very developer-friendly […]

Purdue Model for OT Security

Purdue Model for OT Security

Purdue Model for OT Security May 06, 2022 Informational Redfox Security Team What is OT Security? Operational technology (OT) is hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes and events. Industrial control systems (ICS) are a main component of operational technology. Operational technology […]

Android Pentesting Methodology (Pt. 1)

Android Pentesting Methodology (Pt. 1)

Android Pentesting Methodology (Pt. 1) May 06, 2022 Informational Redfox Security Team In this blog, we’ll discuss Android architecture and the different layers of Android architecture. This blog is part 1 of the “Android Pentesting Methodology” series and forms a basis for our upcoming blog. Before we get into the nitty-gritty of the Android Pentesting […]

Why Start-ups need Penetration Testing?

Why Start-ups need Penetration Testing?

Why Start-ups need Penetration Testing? May 05, 2022 Informational Karan Patel The subject of whether startups require a penetration test comes up frequently when talking to entrepreneurs. Unfortunately, cyber criminals think differently. Adversaries are aware of their weak security postures, and as a result they become easy targets. Penetration testing or pen testing is the practice […]

Hacking Electron Apps

Hacking Electron Apps

Hacking Electron Apps May 01, 2022 Hardware Hacking Redfox Security Team zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because node Integration in webPreferences is true). Electron Applications Electron is a well-known open-source library that is used by well-established firms including Microsoft, Facebook, Slack, and Docker. Using just HTML, […]