White paper: Security of IoT Wireless Technologies 25 pages to know the existing and exploitable vulnerabilities on these technologies, as well as the means to counter or reduce the risks. 05.02 IoT
Logging & Monitoring: definitions and best practices The OWASP Top 10 2017 introduces the risk of insufficient logging and monitoring. Indeed, inherent problems in this practice are often underestimated ... 21.01 Applications
Certificate and Public Key Pinning Introduction to Public Key Certificate A digital certificate is a data file that allow, on the one hand, the non-repudiation and the integrity of data... 10.12 Applications
How to optimise your use of Metasploit The Metasploit framework is an open source tool, allowing searching, analysing and exploiting vulnerabilities. It has many modules and tools that can ... 19.11 Applications
Should you do a demonstration of your solution to pentesters before a penetration test? Before starting a penetration test (pentest), should you present your product or solution to pentesters? It all depends on your situation and on your ... 05.11 Applications
Exploiting the SSRF vulnerability (2/2) In this previous article, we have seen what a SSRF vulnerability is, and how, in general, it can be exploited. We had placed ourselves in a quite simp... 14.10 Applications
Burp’s Functionalities and Extensions to Gain Efficiency Now that we have introduced four main functionalities of Burp Suite in the previous article, we will go a bit further with some functionalities and ex... 03.09 Applications
Bluetooth Low Energy & Security of Connected Devices Alternative to classic Bluetooth, Bluetooth Low Energy is chosen increasingly for the IoT. This technology, also known as the abbreviation BLE, is est... 08.08 IoT
Internal Pentest: What You Need to Know About this Type of Security Audit When we talk about cyberattacks, we often think of malicious activities coming from external attackers, while internal attacks are on the rise. In the... 28.05 Infra & Network
Understanding USB Attacks USB devices are so convenient. Whenever we need to store small amounts of data, we use a USB stick. Everyone owns one and we generally trust it to be ... 09.05 Phishing & Social Engineering
Pentest IoT: 10 hardware & software tests Internet of Things security is a current topic, however penetration testing on connected devices are far from being a widespread practice. Most manufa... 24.04 IoT
Social Engineering: Experience feedback! We are regularly conducting social engineering penetration tests for our clients.Our pentesters (security experts) tried various techniques, scenarios... 04.04 Phishing & Social Engineering