by George Karagiannidis | Mar 31, 2020 |
Introduction In this post, we will aim to touch on the CVE-2020-0796 vulnerability, which was initially publicly disclosed by Microsoft. This post also attempts to illustrate basic windbg usage for dynamic vulnerability analysis. IDA disassembler will also be used in...
by Gerasimos Kassaras | Mar 4, 2020 |
This blog post is the first in a series of posts about the world of web app penetration testing. What you are reading now is but an introduction aiming to introduce the aspiring pentester to essential knowledge and tools. Although further articles addressed to more...
by Athan Georgopoulos | Dec 17, 2018 |
The holiday season is upon us once again. From everyone at TwelveSec I want to extent our best wishes. Along with the season greetings, this time of year also brings holiday shopping. Year after year people abandon the traditional shopping routines and turn online for...
by George Karpouzas | Oct 10, 2018 |
Part 1 In this blog post series, we will show you certain steps among with the tools used in order to conduct IoT security assessments. In this first part you will need a .bin file of a device firmware in order to continue. Tools needed file It...
by Yiannis Koukouras | Oct 1, 2018 |
During the Bsides Athens 2018 conference, I made a presentation on how – during a penetration test exercise – we managed to infiltrate malware and exfiltrate data in/out of a corporate secure laptop, that was using the “Walled Garden”...
by George Karpouzas | Sep 28, 2018 |
PassCat is an open source Windows native C++ application capable of retrieving the passwords stored locally on a computer. We have developed this tool with the hope that it will be useful to Penetration Testers and Red Teams that wish to collect the passwords stored...
