Bypassing certificate pinning with Gabriel Franco
June 5, 2023
Many apps implement a security feature called Certificate Pinning, creating some problems when trying to intercept the traffic between the application and the server. Today, we’ll cover the basics about that and give some examples of how to bypass it using an Android mobile.
Faraday Red team goes to Chile with Ekoparty training
June 1, 2023
The primary objective of this training is to equip students with the ability to identify and analyze potential exposures that a company may face.
Their expertise in identifying exposures, understanding internal protocols, and implementing efficient security measures will make them invaluable assets in today's digital world, where companies must remain constantly vigilant to protect their operations, reputation, and data.
Faraday Vulnerability management platform: a seamless experience
PentestingVulnerability Management
May 29, 2023
Vuln management users seek to have a general, orderly and clear vision of the health in their security systems in order to assess and mitigate existing vulnerabilities.
They look for the platform that helps them identify and catalog vulnerabilities, separate what is urgent and important from what is secondary, classify them according to their severity and thus be able to assess the risk of their systems and networks.
Web Application pentesting: a guide
Offensive SecurityRed teamPentestingVulnerability Management
April 20, 2023
In Security, the concept of attack-surface (or attack surface) refers to the set of entry points that an attacker can use to access a system or application and carry out an attack. In other words, it is the complete map in which a system or application can be violated. They may include software vulnerabilities, insecure configurations, unauthorized access, open ports, application programming interfaces (APIs), among others. The larger the attack surface of a system or application, the greater the risk that an attacker could exploit a vulnerability and compromise the security of the system.
Nuclei: Attack Surface with Faraday
Offensive SecurityRed teamPentestingVulnerability Management
April 6, 2023
In Security, the concept of attack-surface (or attack surface) refers to the set of entry points that an attacker can use to access a system or application and carry out an attack. In other words, it is the complete map in which a system or application can be violated. They may include software vulnerabilities, insecure configurations, unauthorized access, open ports, application programming interfaces (APIs), among others. The larger the attack surface of a system or application, the greater the risk that an attacker could exploit a vulnerability and compromise the security of the system.
Yara rule and some python scripts for detection and sanitization of Acropalypse (CVE-2023-21036) affected PNG images
Offensive SecurityPentestingVulnerability Management
March 23, 2023
We have just released a YARA to detect vulnerable images of Acropalypse in scale. We also added a sanitization script to remove extra information from PNG files.