Labs

Take a look at our tools, presentations, and policies.

Advisories

Slides

Tools

Disclosure Policy 

Whitepapers 

    The 5 Most Common GraphQL Security Vulnerabilities

    by | April 16, 2020 | Exploits, Labs, News, Techniques, Tools | 0 Comments

    Intro - GraphQL GraphQL (GQL) is a popular data query language that makes it easier to get data from a server to a client via an API call. GQL is commonly deployed as a critical piece of the technology stack for modern web and mobile applications, and as a result,...
    Read More
    Owning a device with a single jump

    Owning a device with a single jump

    by | Jan 13, 2020 | , ,

    Back when I first read about this thing called “hacking” I thought I’d be spending all my days overflowing NSA buffers with plagiarized shell code and going by some cool hacker name like “1337BadGeR”. Sadly for me, upon entering the actual world, I had to get back in...

    Network monitoring with nmap

    Network monitoring with nmap

    by | Nov 4, 2019 | ,

    Asset management is a problem we help many of our customers with. What are an organization's assets, and how accurate and up-to-date is this information? Even with a mature asset management program, organizations want some form of validation of their result. From a...

    Android Hard Coded Secrets

    Android Hard Coded Secrets

    by | Aug 30, 2019 | , , ,

    One of the more common findings we report for Android security reviews is an issue involving hard coded secrets. This blog post will specifically focus on hard coded secrets used for encrypting application data. I'll try to use a bit of light threat modeling and risk...