If you haven’t read the previous entry in the Mobile Application Penetration Testing series, check it out. In this post we will start in with a frequently use mobile application security tool – MobSF. This is a tool that you’ll pretty much want to use on every mobile test that you do. As said before,
Welcome to the first of many parts of our series on Mobile Application Penetration Testing. We wanted to write this series because it seems like a lot of the material out there on mobile application penetration testing is out of date, wrong, or lacking. Furthermore, when it comes to mobile application penetration testing, there are
Introduction Credential stuffing is a form of cyberattack where attackers use automated scripts to try a large number of username and password combinations (usually obtained from previous breaches) on multiple websites, hoping that individuals have reused their credentials. While this attack method is not sophisticated, its simplicity and effectiveness make it a go-to strategy for
Prior to reading this, please check out a previous blog of ours on how important an external penetration test is. Hey there, security enthusiasts and curious minds alike! Today, we are taking a deep dive into a topic that’s often buzzing around but isn’t always entirely understood – yes, we’re talking about Internal Penetration Testing
In today’s interconnected world, cyber resilience is not just about protecting data but is closely tied to an organization’s reputation and trustworthiness. A cyberattack doesn’t only translate to financial losses but can significantly tarnish a company’s image. A case in point is the recent cyberattack on Clorox, emphasizing the imperative of preemptive measures, particularly regular
The demand and pressure for penetration testing services are growing every day – ethical hackers are racing to find all the vulnerabilities before the not so ethical ones do. The subject of penetration testing has expanded and deepened, with each specific area, whether web application, IoT, wireless, or even mobile, carrying significant importance. Arguably, the
White box web application penetration testing is one of my favorite things to do in the security world. If you’re new to this, “white box” means you have access to the source code of the application you’re testing. Keep in mind that the vast majority of what I will discuss in this post actually applies
Insecure Design was a new entry when the latest version of the OWASP Top Ten was released in 2021. An really, what it gets at is a good lesson – Designing an application with security in mind can go a long way in ensuring that the end product is robust against all sorts of vulnerabilities.