OUR BLOG
A touch on CVE-2020-0796
Introduction In this post, we will aim to touch on the CVE-2020-0796 vulnerability, which was initially publicly disclosed by Microsoft. This post also attempts to illustrate basic windbg usage for dynamic vulnerability analysis. IDA disassembler will also be used in...
Entry level resources for penetration testing
This blog post is the first in a series of posts about the world of web app penetration testing. What you are reading now is but an introduction aiming to introduce the aspiring pentester to essential knowledge and tools. Although further articles addressed to more...
12 Cyber Security Tips For Your Holidays Online Shopping
The holiday season is upon us once again. From everyone at TwelveSec I want to extent our best wishes. Along with the season greetings, this time of year also brings holiday shopping. Year after year people abandon the traditional shopping routines and turn online for...
IoT Penetration Testing Part 1
Part 1 In this blog post series, we will show you certain steps among with the tools used in order to conduct IoT security assessments. In this first part you will need a .bin file of a device firmware in order to continue. Tools needed file It...
BSides Athens 2018 – This is a serious laptop; No games and chatting possible, OK?
During the Bsides Athens 2018 conference, I made a presentation on how - during a penetration test exercise - we managed to infiltrate malware and exfiltrate data in/out of a corporate secure laptop, that was using the "Walled Garden" architecture. We managed that by...
PassCat : a Windows Passwords Recovery Tool
PassCat is an open source Windows native C++ application capable of retrieving the passwords stored locally on a computer. We have developed this tool with the hope that it will be useful to Penetration Testers and Red Teams that wish to collect the passwords stored...