Blog posts

Explore a detailed case study on detecting vulnerabilities in macOS drivers. Learn how to analyze IOKit, reverse engineer kernel extensions, and debug system crashes using real-world techniques. This guide walks through the discovery of a Denial of Service (DoS) condition in the NS_01 driver within Apple’s IONVMeFamily, offering insights into fuzzing, integer overflow detection, and crash analysis.

Bricked your Proxmark3? No problem! This guide shows you how to revive it using Flipper Zero as a JTAG adapter, from setup to flashing recovery firmware. Plus, we’ll explore how JTAG can be used in hardware security and penetration testing.

Discover how attackers bypass Microsoft 365 spam filters using URL obfuscation to distribute malicious files. This vulnerability, reported to Microsoft but left unpatched, demonstrates why email security requires multiple layers of defense beyond built-in filters.

In this article, we explore TOCTOU vulnerabilities, subtle yet dangerous race conditions that occur when security checks and resource usage are not tightly coupled. In C# development on Windows, where file operations and dynamic code loading are common, understanding and mitigating these risks is essential for building secure and resilient applications.

A practical guide to prompt injection mitigation strategies for LLM applications. Explores 7 defense methods including guardrails, design patterns, and input preprocessing - plus why no solution offers 100% protection.

Technical analysis of NULL Pointer Dereference bugs, mitigations, and exploit development challenges on Apple Silicon macOS.

NetIQ Advanced Authentication reflected XSS vulnerability (CVE-2024-10865) discovered during PostgreSQL injection testing

CVE-2024-24915 is an insecure credential storage flaw in Check Point SmartConsole (R81.20) that leaves user credentials in plaintext memory.

Welcome to the comprehensive guide on Java Remote Method Invocation (RMI) tailored for penetration testers. This article aims to demystify RMI interfaces encountered during infrastructure penetration testing. Due to the depth of this topic, we’ve divided it into two parts. In this initial section, we’ll provide a concise overview of RMI interfaces, demonstrate how to create one for testing purposes, and guide you through the manual construction of an RMI Client to invoke remote methods.

This article explains how SQL injection vulnerabilities can still occur in applications using modern ORM frameworks. It describes how to identify insecure patterns and write safer code, providing practical examples to illustrate common pitfalls and secure practices.