Blog

By category:
Sławomir Zakrzewski

This article explains how SQL injection vulnerabilities can still occur in applications using modern ORM frameworks. It describes how to identify insecure patterns and write safer code, providing practical examples to illustrate common pitfalls and secure practices.

Karol Mazurek

How broken access and Null Pointer Dereference was found in macOS IOMobileFramebuffer (AppleCLCD2) service.

voip-featured-image
Zbigniew Piotrak

VoIP is transforming business communication with flexibility and cost savings. However, its reliance on the internet brings cybersecurity risks. Discover how VoIP works, common threats, and the role of penetration testers in protecting organizations.

Paweł Zdunek

Invoker is a Burp Suite extension that automates external tools like dosfiner, sqlmap, nuclei, or ffuf, bridging the gap between captured requests and CLI commands.

Michał Majchrowicz

Explore how Windows API functions like GetWindowTextA and WM_GETTEXT can be used to interact with SAP GUI controls using Python. Whether retrieving window titles, extracting hidden text, or analyzing user input fields, these methods provide valuable insights for enhancing the security of SAP systems with penetration tests.

Karol Mazurek

Technical analysis of NULL Pointer Dereference bugs, mitigations, and exploit development challenges on Apple Silicon macOS.

A hound on a leash that represents the constraints that we put on Large Language Models.
Mateusz Wojciechowski

This article touches on the subject of recommendations for fixing Prompt Injection vulnerabilities. It introduces broad categories of the mitigations and explains issues with them.

Sławomir Zakrzewski

In this article, we explore TOCTOU vulnerabilities, subtle yet dangerous race conditions that occur when security checks and resource usage are not tightly coupled. In C# development on Windows, where file operations and dynamic code loading are common, understanding and mitigating these risks is essential for building secure and resilient applications.

Karol Mazurek

Discover how attackers bypass Outlook spam filters using disguised hyperlinks to deliver malicious ISO files. Learn the risks and how to protect your inbox.

Marcin Węgłowski

Bricked your Proxmark3? No problem! This guide shows you how to revive it using Flipper Zero as a JTAG adapter, from setup to flashing recovery firmware. Plus, we’ll explore how JTAG can be used in hardware security and penetration testing.

Is your company secure online?

Join our list of satisfied customers and safeguard your company’s data!

Trust us and leave your contact details. Our team will contact you to discuss the details and prepare a tailor-made offer for you. Full discretion and confidentiality of your data are guaranteed.

Willing to ask a question immediately? Visit our Contact page.