Introduction In this post, we will aim to touch on the CVE-2020-0796 vulnerability, which was initially publicly disclosed by Microsoft. This post also attempts to illustrate basic windbg usage for dynamic vulnerability analysis. IDA disassembler will also be used in...
This blog post is the first in a series of posts about the world of web app penetration testing. What you are reading now is but an introduction aiming to introduce the aspiring pentester to essential knowledge and tools. Although further articles addressed to more...
The holiday season is upon us once again. From everyone at TwelveSec I want to extent our best wishes. Along with the season greetings, this time of year also brings holiday shopping. Year after year people abandon the traditional shopping routines and turn online for...
Part 1 In this blog post series, we will show you certain steps among with the tools used in order to conduct IoT security assessments. In this first part you will need a .bin file of a device firmware in order to continue. Tools needed file It...
During the Bsides Athens 2018 conference, I made a presentation on how – during a penetration test exercise – we managed to infiltrate malware and exfiltrate data in/out of a corporate secure laptop, that was using the “Walled Garden”...
PassCat is an open source Windows native C++ application capable of retrieving the passwords stored locally on a computer. We have developed this tool with the hope that it will be useful to Penetration Testers and Red Teams that wish to collect the passwords stored...
* Opinions hosted on this blog do not necessarily represent TwelveSec, nor encourage the purchase of specific products or services. Any trademarks mentioned remain the property of the respective trademark holders. Tips provided are only provided as informative in nature and should not be relied on as advice or counsel.
