Research & Blog Posts
Bluestacks 5 & Andrdoid Penetration Testing
Bluestacks is a great alternative to Genymotion and Android Studio. In this post we'll talk about how to configure Bluestacks 5 for Android penetration testing. We'll cover Rooting the device, installing root certificates and installing Frida. #blog
Circumventing GARP on Cisco IP Phones
A number of years ago we got to study Cisco IP phones on our own VLAN. This post talks about how it was possible to bypass integrated security controls and intercept private calls. We also made many other interesting observations that directly affected the security of these devices. #research
Forcing MiTM via Saved Wireless Networks
In this paper we'll discuss research that was conducted on attacking unconnected wireless devices, such as mobile handsets to malicious networks. This can successfully lead to a MiTM attack without any end-user interaction. #research
Automated Burp Authorisation Testing
In this post we'll discuss a Jython based Burp plugin, "Authbreaker" we developed to test for authorisation issues in web applications and APIs. #tool