Cross Site Request Forgery is one of the most happening attacks over the internet today. The attackers find it easy to exploit as it does not require any authentication information, session cookies but only require the user to be authenticated to the application. And this works on every platform.

Pentesting thick client applications is not a new concept instead the techniques adopted are new and interesting. I’m a bit lazy on explaining what thick client apps are, please refer here for more info. GTalk, Pidgin, Skype, MSN are few examples of thick client applications.

Wondering what DAST is and how it can help in identifying vulnerabilities? Well, you have landed on the right page.

We are excited to announce that Blacklock has joined NVIDIA Inception, a program designed to empower and...

We are thrilled to announce that Blacklock Security has been officially approved as a supplier in the...

In a modern digital landscape, it is not the number of cyber threats that are on the rise; it is their sophistication.

We have had a couple of penetration test engagements that involved GraphQL endpoints. At first, it looked complex and we sketched out the methodology and approach to perform the penetration test. Here’s how it went,

A quick blog post and reference guide to setup and getting started with Android application penetration testing.

We're thrilled to introduce BugBait to the community — a purpose-built vulnerable web application for students, developers, and cybersecurity enthusiasts to sharpen their manual hacking skills and exploit a range of vulnerabilities.