Seven Common Web App Vulnerabilities
December 06, 2022 | Web Application | Tarak Sakhardande
Web applications are essential to our daily lives but pose a significant security risk. Cybercriminals are always looking for ways to exploit vulnerabilities in web applications to gain unauthorized access, steal data, or compromise systems. This blog will discuss the seven most common […]
Why Healthcare Industry Needs Pentesting?
December 05, 2022 | Informational | Srishti Chopra
In recent years, the cyber threat to the healthcare industry has increased dramatically. This new era of digitization has brought many benefits to the healthcare industry, but as medical device automation becomes more complex, it becomes more susceptible to cyberattacks. There are numerous reasons […]
Windows UAC Bypass
November 28, 2022 | Privilege Escalation | Gaurav Choudhari
What is UAC? UAC (User Account Control) is a Windows security feature that forces any new process to run in non-elevated mode by default. Any process executed by any user, including administrators themselves, has to follow the rules of UAC, i.e., ‘Do not trust […]
What is PCI DSS Pentesting?
November 21, 2022 | Informational | Srishti Chopra
Payment Card Industry Data Security Standard (PCI DSS) is a set of rules designed to keep credit cardholder information safe. It is an operational prerequisite for businesses that handle or store cardholder data. Your company will need penetration testing for PCI DSS compliance to […]
A Complete Guide to Phishing Simulation with Gophish
November 17, 2022 | Social Engineering | Redfox Security Team
What is Phishing? Phishing is a social engineering attack used to obtain user information such as login credentials and credit card information. It happens when a malicious actor pretends to be someone or something trustworthy to trick a victim […]
Integer Overflow in Smart Contract
November 05, 2022 | Smart Contract Security | Redfox Security Team
Overflow and Underflow are the two forms of flow in blockchain. When a single numerical computation is performed, the output exceeds the maximum that a register or memory can store or represent. This is referred to as an “overflow.” In the […]
Exploiting Broadcast Receivers
November 04, 2022 | Android | Redfox Security Team
What are Broadcast Receivers? A broadcast receiver is a component in Android applications that allows the system to send events to applications that are not part of the standard user stream. Broadcast receivers are set up to receive specific events. When the event occurs, the […]
Exploiting Content Providers
October 26, 2022 | Android | Redfox Security Team
In the previous blog, we described the Drozer tool; in this blog, we are going to discuss Content Providers. What are Content Providers? Content Providers are a crucial component of a relational database because they enable the storage of application data. In the Android system, […]
OSINT with Maltego
October 18, 2022 | Cybersecurity | Redfox Security Team
What is Maltego? Maltego is an application for data mining that mines open-source data sources and generates graphs for relationship analysis. The graphs simplify the linking of data such as a person’s name, email, organizational structure, domains, documents, etc. Maltego is available for Windows, Mac, […]
Android Pentesting with Drozer
October 15, 2022 | Android | Redfox Security Team
In this blog, we are going to discuss the Drozer tool for pen-testing Android applications. What is Drozer? The Android evaluation tool, Drozer, was introduced in March 2012 at Blackhat EU under the name Mercury. Its primary goal was to dissuade the prerequisite of […]