For the Techs 03 Aug 2018 Taking Local File Disclosure to the Next Level I recently discovered a path traversal vulnerability on a bash script exposed through the cgi-bin directory on an Apache server.… Read More
For the Techs 24 Jul 2018 Deserialisation Vulnerabilities Updated: Jul 21, 2020 Seemingly one of the most overlooked security vulnerabilities in the web applications that we test is… Read More
For the Techs 10 Jun 2017 Stealing Amazon EC2 Keys via an XSS Vulnerability On a recent engagement, our testers were faced with a single page web application which was used to generate PDF… Read More
For the Techs 10 May 2017 Android Exploit Development with the Android Open Source Project Toolchain In 2015 a group of vulnerabilities labelled as Stagefright gained notoriety for their ability to hack your device via MMS… Read More