You can setup SSL on your website using LetsEncrypt. I have encountered a few times when you want to add new domain to the LetsEncrypt, it throws the following error.

What’s the first thing come to your mind when you think of doing network pentest of over 1000 IPs in couple of weeks? Is it really possible? Answer is YES!!!

We have had a couple of penetration test engagements that involved GraphQL endpoints. At first, it looked complex and we sketched out the methodology and approach to perform the penetration test. Here’s how it went,

A quick blog post and reference guide to setup and getting started with Android application penetration testing.

We recently performed an internal network penetration test for a large enterprise with up to 3 domains and 2000+ hosts. We had zero knowledge of the target network (as an attacker would have) and were placed onto the user VLAN with unauthenticated access.

We recently performed another internal network assessment with the goal to gain Domain Administrator access on the target network. We had unauthenticated access to the network, i.e. unauthorized user or an internal attacker onto the user LAN.