Blog Posts

Discover critical vulnerabilities in the ZBT WE1626 Wireless Router, including unauthenticated remote code execution, insufficient debug interface protection, and UART interface issues. Learn how these weaknesses can impact your network and the steps to mitigate them effectively.

Discover how to build a robust AppSec program in our comprehensive 4-part series. Learn key roles, budget allocation, KPI tracking, and innovative strategies to balance security with development. Perfect for tech leaders looking to enhance their application security and safeguard their business.

Explore the capabilities of Hawk, a powerful Golang tool designed for red team operations, which discreetly captures and exfiltrates SSH, SU, and Sudo credentials from Linux systems. This blog post dives into Hawk's role in the WRCCDC competition, demonstrating how it enhances network penetration tactics by maintaining persistent access and facilitating network escalation. Learn about Hawk's operational mechanics, its stealth features that evade detection, and its integration into red team TTPs for advanced cybersecurity testing.

This week, the National Institute of Standards and Technology (NIST) has released the Cybersecurity Framework (CSF) 2.0, a guide for organizations to implement cybersecurity. This updated framework not only reinforces cybersecurity fundamentals but also introduces enhancements that align with the ever-evolving threat landscape. Let's dive into what's new in NIST 2.0 and why companies should take note.

Reverse Engineering Android Apps To Find AWS Credentials. What to look for when performing android pentesting!

Hey everyone! Exciting times, huh? So, you stumbled upon an LFI vulnerability that unveiled some magical Auth0 credentials. Now, what’s the next move? In this blog post, I’ll guide you.....