Recent Posts

Categories

Archives

NotSoSecure joins the Claranet Group

July 5, 2018

The acquisition puts the NotSoSecure business in a position of significantly greater strength, with a broader portfolio of services now available to our customers. NotSoSecure has been acquired by Claranet, one of Europe’s leading managed IT services providers, to add our ethical hacking training and penetration testing services to its… Read More

Data Exfiltration via Formula Injection #Part1

May 29, 2018

Due to a recent intriguing client pentest we became increasingly interested in finding and documenting ways to extract data from spreadsheets using out of band (OOB) methods. The methods we describe in this article assume that we have some control over the content of the spreadsheet (albeit limited), but we… Read More

Analyzing CVE-2018-6376 – Joomla!, Second Order SQL Injection

February 9, 2018

Prefix While there are lots of security bugs disclosed each week, for us pentesters, some are more special than others. Very recently, a Second Order SQL Injection was reported in Joomla! and a good analysis can be found here: https://blog.ripstech.com/2018/joomla-privilege-escalation-via-sql-injection/  In this blog post Savan Gadhiya and Amish Patadiya will… Read More

Anatomy of a Hack: SQLi to Enterprise Admin

September 14, 2017

We were recently engaged in a Red Team exercise in which the only information provided to us was the organisation name. In this blog post Sudhanshu Chauhan explores one of the exploitation paths which led us to gain Windows Enterprise Admin level access from a SQL injection vulnerability. The story… Read More

Instrumenting Native Android Functions using Frida

August 15, 2017

In our previous post: Pentesting Android Application Using Frida, Rohit looked at how we can use Frida for basic run time instrumentation. In short Frida can be used to dynamically alter the behavior of an Android application such as bypassing functions which can detect if the Android device is rooted… Read More