LedgerSMB – CVE-2024-23831: Privilege escalation through CSRF attack on “setup.pl”
by George Roumeliotis | February 2, 2024 | BLOG | 0 Comments
During an assessment, we discovered a vulnerability in the LedgerSMB application, a widely-used open-source accounting software tailored for small and mid-size businesses. This vulnerability,...
The Current State of Phishing Attacks
by Andrei Grigoras | November 22, 2023 | BLOG | 0 Comments
Modern Challenges and Solutions. Part 1: Defenses Against Phishing Attacks. Phishing attacks, one of the oldest types of cyber threats, have become more sophisticated and diverse. This evolution is due,...
Bypassing anti-reversing defences in iOS applications
by Xenofon Vassilakopoulos | October 10, 2023 | BLOG | 0 Comments
Introduction: This blog post provides a walkthrough on dynamically bypassing anti-debugging and anti-reversing defences in iOS applications. Furthermore, this blog post is using resources from OWASP...
iOS Instrumentation using Corellium, frida and r2frida
by Xenofon Vassilakopoulos | September 27, 2023 | BLOG | 0 Comments
Introduction: In this blog post we will discuss the use of the Corellium emulator in Penetration Testing engagements. This blog post will also provide a walkthrough on how to bypass Jailbroken detection...
Basic knowledge to get started with Penetration Testing
by Andrei Grigoras | November 18, 2022 | BLOG | 1 Comment
Before jumping into the basic resources that a pentester should be familiar with, we first need to have an overview of what Penetration Testing actually is. As most online resources will mention,...