NotSoSecure Blog

Bypassing Jailbreak Detection in iOS

05 Feb 2016

In today’s connected modern world every organization wants to have a mobile application for its own services. This also requires that these applications go through a security check / penetration…

Read More

ICMP Tunnels – A Case Study

15 Oct 2015

On a recent Pen Test project, we encountered a situation where the outbound traffic on the server was not allowed. Only ICMP (and DNS) traffic was allowed. In this blog…

Read More

Remote code execution via PHP [Unserialize]

24 Sep 2015

At NotSoSecure, we conduct Pen Test/ Code Reviews on a day-to-day basis and we recently came across an interesting piece of PHP code that could lead to RCE, but the…

Read More

Read More

Malware Analysis

16 Oct 2014

Issue System Administrator finds a suspicious dll running named as “COM APPLICATION SUPPORT.DLL” and raises a security concern. Static Analysis We started the analysis by loading the file to check…

Read More

Read More

Read More

SqliLab CTF, Wrap Up!

21 Apr 2014

As you would have noticed from the noise on twitter and other channels, the 2nd public CTF was a major success. Over 3000 registrations, ~7K unique IPs, 7 GB of…

Read More