Insecure Deserialization in PHP
Insecure Deserialization in PHP August 03, 2022 Web Application Redfox Security Team In this blog (part of the “Insecure Deserialization” series), we will discuss insecure deserialization vulnerabilities in PHP and its prevention. The purpose of data serialization and deserialization is that it ensures that the object remains a replica of the original item prior to […]
Sensitive Data Exposure in Local Storage IOS
Sensitive Data Exposure in Local Storage IOS July 26, 2022 iOS Security Redfox Security Team In this blog, we are going to demonstrate how to examine and detect potential security risks in an iOS application based on a Local Data storage evaluation. So, Let’s get this party started. The following are some ways of storing […]
IOS Architecture
IOS Architecture July 24, 2022 Informational Redfox Security Team All Apple mobile devices, including the iPhone, iPad, and iPod, run on iOS, a platform jointly developed with the Darwin foundation. With iOS, the hardware device is managed and the technology needed to create applications for the platform is provided, unlike other significant operating systems. A […]
Re-entrancy attacks in smart contracts
Re-entrancy attacks in smart contracts July 03, 2022 Smart Contract Redfox Security Team What is a Smart Contract? A smart contract is a computer application or a transaction protocol that is designed to execute, control, or document legally significant events and activities in accordance with the conditions of a contract or agreement. The goals of […]
Intro to BEFF Framework
Intro to BEFF Framework July 01, 2022 Technology Redfox Security Team Hey everyone, in this blog, we will be discussing about BeEF, which is short for The Browser Exploitation Framework, and some attacks that can be performed using the framework. BeEF is a penetration testing tool that focuses on the web browser. It is designed […]
Bypass SSL Pinning on IOS Application
Bypass SSL Pinning on IOS Application June 23, 2022 IOS Pentesting Redfox Security Team In this blog we are going to bypass SSL pinning on iOS devices, and test it on a vulnerable application aka DVIA V2. One of the most important aspects of the whole design and development process for mobile apps has always […]
Android Tapjacking Vulnerability
Android Tapjacking Vulnerability June 13, 2022 Android Redfox Security Team In this blog, we are going to talk about Tapjacking and how it operates. In addition to that, we are going to learn about free-floating windows. The Android operating system is based on the Linux operating system and was designed with great aspirations. Android is […]
PLC Hacking (Pt. 2)
PLC Hacking (Pt. 2) June 06, 2022 ICS Security Redfox Security Team Welcome to Part 2 of our “PLC Hacking series”. In our previous blog, we covered setting up our Koyo CLICK PLC and writing our first ladder logic program into the PLC. Here, we are going to learn about overriding PLC data from remote […]
IOS Jailbreaking
IOS Jailbreaking June 06, 2022 Mobile Security Redfox Security Team In this blog, we are going to discuss jailbreaking, its advantages and disadvantages, as well as types and the steps for carrying out a successful jailbreak. The technique of circumventing a smart device’s internal defenses to get total control of the operating system is known […]
PLC Hacking (Pt. 1)
PLC Hacking (Pt. 1) May 31, 2022 ICS Security Redfox Security Team Programmable Logic Controllers (PLCs) are industrial computers used to control different electro-mechanical processes for use in manufacturing, plants, or other automation environments. PLCs can range from small modular devices with tens of inputs and outputs (I/O) in a housing integral with the processor, […]