Labs

Take a look at our tools, presentations, and policies.

Web Cache Session Hijacking

In recent years it has become popular to use Content Delivery Networks (CDN) provided by cloud hosting providers. Amazon's CloudFront is an example of a popular CDN. These CDNs can take advantage of HTTP Caching to reduce latency for a global pool of end users. There...
Network monitoring with nmap

Network monitoring with nmap

Asset management is a problem we help many of our customers with. What are an organization's assets, and how accurate and up-to-date is this information? Even with a mature asset management program, organizations want some form of validation of their result. From a...

Android Hard Coded Secrets

Android Hard Coded Secrets

One of the more common findings we report for Android security reviews is an issue involving hard coded secrets. This blog post will specifically focus on hard coded secrets used for encrypting application data. I'll try to use a bit of light threat modeling and risk...

Web Cache Session Hijacking

Web Cache Session Hijacking

In recent years it has become popular to use Content Delivery Networks (CDN) provided by cloud hosting providers. Amazon's CloudFront is an example of a popular CDN. These CDNs can take advantage of HTTP Caching to reduce latency for a global pool of end users. There...