OUR BLOG
Would you enrich your password list with your client passwords?
Gaining access to a remote system always gives us pentesters a feeling of satisfaction. Specifically, gaining remote command execution on a system is the ultimate goal for a pentester, in order to gain an initial foothold into the target’s system. Besides direct...
Using a GSM tester to intercept calls and SMS (Part 2): Equipment and setup
Practical Setup and tools In the previous "Using a GSM tester" post, we examined the theoretical aspect of the fake base station attack. Today, we will focus on more technical details, discussing about the equipment needed, and the setup required for the...
Using a GSM Tester to itercept calls and SMS (Part 1)
In the next few blog posts we will focus on both landline and mobile telecommunication systems security. This is the first in a series of articles that will present the theoretical background behind a method to intercept calls and SMS in GSM networks, while the next...
App Security 101: A list of top 10 vulnerabilities and how to avoid them
App development is becoming more and more popular, as web and software developers are migrating to the mobile industry. Apps have become a part of mainstream culture and entered our everyday lives – at increasing levels. The app economy is comprised of approximately 2...
Confessions of a Remote Pentester
What do you choose as a pentester, when your work ethics are in conflict with your dedication to the security community. To disclose vulnerabilities you’ve found or not to disclose? As a penetration tester, during an engagement you are often asked to assess a product...
Welcome to TwelveSec’s blog
This is not just another technical blog, although technical articles have a big share here; This blog aims to address everyday issues of the security community and through your help add a penny to the evolution of security worldwide.