Exploiting the SSRF vulnerability (2/2) In the previous article, we saw what an SSRF vulnerability is, and how, in general, it can be exploited. We had placed ourselves in a quite simp... 14.10 Applications
Burp’s Functionalities and Extensions to Gain Efficiency Now that we have introduced four main functionalities of Burp Suite in the previous article, we will go a bit further with some functionalities and ex... 03.09 Applications
Bluetooth Low Energy & Security of Connected Devices An alternative to classic Bluetooth, Bluetooth Low Energy is increasingly chosen for the IoT. This technology, also known by the abbreviation BLE, is est... 08.08 IoT
Internal Pentest: What You Need to Know About this Type of Security Audit When we talk about cyberattacks, we often think of malicious activities coming from external attackers, while internal attacks are on the rise. In the... 28.05 Infra & Network
Understanding USB Attacks USB devices are so convenient. Whenever we need to store small amounts of data, we use a USB stick. Everyone owns one and we generally trust it to be ... 09.05 Phishing & Social Engineering
Pentest IoT: 10 hardware & software tests Internet of Things security is a current topic; however, penetration testing on connected devices is far from being a widespread practice. Most manufa... 24.04 IoT
Social Engineering: Experience feedback! We regularly conduct social engineering penetration tests for our clients. Our pentesters (security experts) tried various techniques, scenarios... 04.04 Phishing & Social Engineering
What does a penetration test vs a vulnerability scanner bring? The first one and the second are said to be the best allies of CISOs (and in general people in charge of IT security). There are though two different t... 31.01 Applications
What R.O.I for a Security Audit? It is a question that we often hear. Unfortunately, we don’t have a ready-made formula to reveal. The return on investment of a pentest is compl... 28.11 Applications
Protect yourself from CSRF attacks with the SameSite cookie attribute What is a Cross Site Request Forgery Attack? The CSRF is an attack that forces an end user to perform unwanted actions and without noticing on a web a... 18.10 Applications
Administration Interfaces: The Underestimated Weakness Administration interface, back-office, dashboard, admin panel… several names for the same thing: the place where organizations manage their data, supe... 11.07 Applications
Understanding the Web Vulnerability Server-Side Request Forgery (1/2) We often think that a sufficiently restrictive firewall protects access to non-open services. We also believe that only a compromised machine can gi... 15.05 Applications