Recently, we got an opportunity to do a security hands-on on an Android native application. This application does not communicate to internet via HTTP protocol or mobile browser. The application communicates with the remote server over TCP on some XYZ port.

ColdFusion had several exploits in the past. ColdFusion 10 being the latest and stable release from Adobe it was hard to find any ready exploits.

Recently, I was engaged in testing an android application. The customer generously provided me his new Samsung 750 Tablet with the application installed on it. The application does not interact with any remote server which meant all application data, database schema and files had to be stored locally.

I hope my last post helped you to kick off android application pentest. In this post, I will cover application specific attacks/checks using adb.exe (Android Debug Bridge) from SDK toolkit.

This post covers some more android application specific attacks and tools which may further help you in pentesting your android app.

What’s the first thing come to your mind when you think of doing network pentest of over 1000 IPs in couple of weeks? Is it really possible? Answer is YES!!!

We recently performed another internal network assessment with the goal to gain Domain Administrator access on the target network. We had unauthenticated access to the network, i.e. unauthorized user or an internal attacker onto the user LAN.

Modern-day mobile applications implement additional levels of security controls that prevent an attacker from intercepting the content for the HTTPS connection. Such implementation won’t allow common proxy tools to intercept and log the application traffic.

We are thrilled to share an exciting milestone in Blacklock's journey towards providing unparalleled cybersecurity services. Our commitment to safeguarding your digital assets and data has always been our top priority.