Universal interception. How to bypass SSL Pinning and monitor traffic of any application

Date: 15/03/2020

In many cases, the research of an app’s internal structure can be narrowed down to monitoring its traffic. Just a few years ago, a major share of the traffic was transmitted via the plain, easily interceptable HTTP protocol. By now, HTTPS has become the standard in most applications as a part of the defense mechanisms against eavesdropping. Today, I will try to explain what the different defense approaches have in common and whether their common component can be used to create a universal HTTPS interception technique.

Read full article →


Protecting microcontrollers. Implementing Firmware Hardening and Secure Boot on STM32

Date: 15/03/2020

The intensity of attacks targeting IoT devices increases with year over year. New threats require a complex approach; as a result, security became the top priority for both software developers and hardware manufacturers. This article addresses the primary vectors of attacks against smart gadgets and describes some firmware and data protection techniques using a Nucleo development board equipped with an STM32H743 microcontroller as an example.

Read full article →


Poisoned documents. How to exploit dangerous Microsoft Office bugs

Date: 15/03/2020

This article addresses several critical vulnerabilities in Microsoft Office programs. They aren’t new and had caused a great stir a while back. Metasploit Framework modules have already been developed for these bugs, and plenty of related projects are available on GitHub. However, unpatched copies of Microsoft Office (starting from version 2003 and up to and including Office 2016) still remain in the wild dragging down corporate security and opening paths for malicious attacks.

Read full article →


Epic pivoting. Polishing traffic routing skills on HackTheBox virtual machines

Date: 15/03/2020

A good knowledge of pivoting (a technique used to route traffic to the victim and back through interim hosts) is essential for any ethical hacker. Furthermore, this skill is absolutely mandatory for corporate network pentesting. In this article, I am going two hack two simple virtual machines on Hack The Box and demonstrate how to route traffic in the course of pentesting.

Read full article →


Hacked IP camera. Searching for vulnerabilities in smart gadgets

Date: 28/02/2020

The security of home gadgets is a burning topic. Botnet attacks such as Mirai affect millions of devices and inflict huge damages. Ethical hackers continue discovering vulnerabilities in popular gadgets, which manufacturers don’t rush fixing. In this article, I will tell how to check your hardware for security issues using a popular IP camera as an example. Spoiler: it is plagued by tons of vulnerabilities.

Read full article →


Boost your Nmap! Empowering iconic network scanner with NSE scripts

Date: 28/02/2020

Nmap is an iconic scanner broadly used by hackers, and many of them are wondering how to expand its capacity. In most cases, Nmap is used in combination with other software tools. In this article, I’ll explain how to use it together with your favorite utilities. After all, it is much easier to push a button and get the result rather then endlessly repeat the same sequence. Nmap scripts enable hackers to hack networks in a more automated way and help system administrators identify and eliminate built-in vulnerabilities in their protected perimeters.

Read full article →