by Sebastian Maltz | Dec 19, 2018
In this post I would like to share some steps that were required before testing could begin during a web API penetration test. The scenario of the engagement was: – A web API that came with a command line client, written in python The following steps were...
by secforce | Jun 27, 2017
Our latest adventures took us to the magical world of… FIX protocols! The Financial Information eXchange (FIX) protocol manages the processing of real-time exchanged information within Financial Markets. It was originally authored in 1992 and became very famous...
by Antonio Quina | Jan 5, 2015
SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his/her toolkit and by...
by Nikos Vassakis | Nov 24, 2014
Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. Due to popular demand, in this new version, Tunna (v1.1a) can be set up to be a local SOCKS proxy, that will accept any TCP traffic and send over to the webserver using HTTP requests....
by Dan Duffy | Apr 3, 2014
This series will follow the process of reverse engineering router firmware with the purpose of discovering any vulnerabilities that could be used either remotely or locally to compromise the router. In this section I will mainly be covering how to extract/download the...
by Antonio Quina | Mar 25, 2014
What is it? It is a known fact that all hackers like terminals but most (good) hackers also like efficiency and automating repetitive tasks. This is where SPARTA comes in. SPARTA is a python GUI application which simplifies network infrastructure penetration testing...