Logging – Mobile Application Penetration Testing #6
Welcome back to the long awaited next entry in Brackish Security’s Mobile Application Penetration Testing series. When conducting mobile application penetration testing, inspecting logs on iOS and Android is a crucial step in understanding how an app behaves, particularly in how it handles sensitive...
Physical Penetration Testing: Why Every Company Should Prioritize It
In an era dominated by digital transformation, businesses are more focused than ever on securing their online assets. Cybersecurity measures such as firewalls, antivirus software, and encryption protocols are essential, but one often overlooked aspect of comprehensive security is physical...
JavaScript Source Map Vulnerabilities
What is a JavaScript source map file? Source map files map the transformed, minified, or compiled code back to the original source code, and they can often be found exposed publicly in web applications. This is particularly useful for debugging...
IoT Penetration Testing Part 1
IoT Penetration Testing is one of our favorite types of testing here at Brackish Security. This will be the first of a multi-part blog series on embedded device security (the “Internet of Things” or IoT). Our goal is to show...
MouseJacking (With Flipper Zero): Tales from Pen Testing Trenches
As a continuation in our series of penetration testing stories (who doesn’t love those) we bring you MouseJacking (With Flipper Zero). Check out the first blog post in the series here here. In this engagement, we were successfully able to...
The Ultimate Guide to Protecting Your Business from Phishing Scams
In today’s digital age, cybersecurity is not just a technical necessity but a cornerstone of a successful business strategy. Among the myriad of cyber threats, phishing scams stand out for their cunning simplicity and devastating effectiveness. Phishing attacks manipulate human...
Different Types of Penetration Testing: A Comprehensive Guide
Penetration testing, a critical component of cybersecurity, involves evaluating the security of IT systems by simulating cyber attacks. These tests are essential for uncovering vulnerabilities that could be exploited by hackers. This post explores the various types of penetration testing,...
Penetration Testing 101: What Every Business Owner Should Know
As the digital landscape evolves, so do the challenges in maintaining robust cybersecurity. For business owners navigating this terrain, understanding the role and significance of penetration testing, commonly referred to as pen testing, is essential. This introductory guide aims to...
The Risks of Storing Passwords in SharePoint
In the era of increasing cyber threats, the security of sensitive information has become paramount for organizations of all sizes. SharePoint, a widely used platform for collaboration and information management, is not immune to these concerns. A particularly alarming issue...
What is Blind XSS?
You may have heard of Reflected Cross Site Scripting (XSS) or Stored XSS, but what is Blind XSS? Unlike traditional XSS attacks, where the immediate impact is visible, Blind XSS vulnerabilities are typically triggered when the malicious input is viewed...