For a project, I needed to programmatically decompile certain classes from an Android APK file. Usually this is done by first extracting the DEX file using apktool, then converting it to a JAR file using dex2jar, and finally decompiling it using tools like JAD or CFR.
In order to compare results from various...
Transferring files between an attacker's machine and a target machine during penetration tests is a common task for security professionals. This may be needed to transfer a payload, exploit, or retrieve sensitive data from the compromised machine. In some cases, transferring files using a non-interactive shell, a...
While performing security assessments, we at Securify noticed that even though frameworks and network appliances are becoming more secure. Applications and appliances, more often than not, provide secure default values regarding the configurations. In addition, we see that guidelines such as those provided by the NCSC...
Time-based OTP is commonly used for two-factor authentication. It works with a symmetric key. The server generates a key and stores it. It shows a QR code containing the key to the user, who then scans it and stores the key in their phone. The phone uses this key to generate an OTP, which the server can verify.
A...
Worldwide, thousands of cyber security companies provide many types of penetration tests. But what makes a penetration test and the results stand out for customers? Securify knows it is difficult to see the details of penetration testing processes for customers during a project due to the fact that some of them are...