Are you the kind of person who enjoys Workshops with practical information that you can immediately apply to your work? “Hacking Modern Desktop apps: Master the Future of Attack Vectors” is a desktop app security course that provides you with case studies from real-world vulnerable applications. Register now to learn techniques to take your desktop …
2020 was tough, but the New Year Sale is here! 🙂 Missed Blackhat USA, HITB, OWASP Global AppSec, Nullcon? Now is the time to get any 7ASecurity course at a fraction of the price. The same material with lifetime access to a training portal. It also contains step-by-step video recordings, slides and lab exercises, including all future …
Our first ever Black Friday Sale, take advantage of this opportunity: This is the same material we teach at Blackhat USA, HITB, OWASP Global AppSec, Nullcon and many other events at a fraction of the price: Get 40% off any self-paced 7ASecurity course! Use code: BFCM40. Offer valid from November 18th until November 30th. Some …
Yes, COVID makes things difficult, many people have financial struggles, but… Did you know after this summer, we gave away 7 (!!!) courses to the winners of our OWASP Virtual Summer Days contest completely for free? Why not take advantage of this? You could be next because we are running another New Year Free Course …
Yes, COVID makes things difficult, many companies struggle for budget, but… Did you know after this summer, the winner of our OWASP Virtual Summer Days contest got a 12 day pentest completely for free? Why not take advantage of this? Your company could be next because we are running another New Year Free Pentest contest! …
We are pleased to be sponsoring OWASP Virtual Summer Days this year! Winners will be privately contacted after each training event on June 24th, July 29th, and August 26th. Contest #1: Get a Free Penetration Test! Yes, you read that correctly! Please fill out this form to enter the contest. The winner gets a 100% …
NOTE: In 2020, a new talk will substantially improve this one to include an interesting third app and better explain the other ones. In late 2019, I had the privilege of giving a talk and an interview at SEC-T and DeepSec about “Chinese Police and CloudPets”. Basically a summary of highlights from 3 different pentest …
Part 1: Intro Part 2: Translating APKs Part 3: What is SSL? [ MSTG‑NETWORK‑1 ] Part 4: How NOT to implement SSL [ MSTG‑NETWORK‑2 ] Part 5: RCE in WebView [ MSTG-PLATFORM-7 ] Part 6: XOR Crypto FAIL [ MSTG-CRYPTO-1 ] Part 7: AES Crypto FAIL [ MSTG-CRYPTO-1 ] The OWASP Mobile Application Security Verification …
Bully API, Government-Mandated Apps, MASVS, Mobile Application Security Verification Standard, Mobile Security, Mobile Security Testing Guide, MSTG, MSTG-AUTH-1, Password Leak, Smart Sheriff, South Korea
Part 1: Intro Part 2: Translating APKs Part 3: What is SSL? [ MSTG‑NETWORK‑1 ] Part 4: How NOT to implement SSL [ MSTG‑NETWORK‑2 ] Part 5: RCE in WebView [ MSTG-PLATFORM-7 ] Part 6: XOR Crypto FAIL [ MSTG-CRYPTO-1 ] The OWASP Mobile Application Security Verification Standard classifies the flaw explained in this blog …
Android, Crypto, Government-Mandated Apps, Java, MASVS, MitM, Mobile Application Security Verification Standard, Mobile Security, Mobile Security Testing Guide, MSTG, MSTG-CRYPTO-1, Smart Sheriff, South Korea
Part 1: Intro Part 2: Translating APKs Part 3: What is SSL? [ MSTG‑NETWORK‑1 ] Part 4: How NOT to implement SSL [ MSTG‑NETWORK‑2 ] Part 5: RCE in WebView [ MSTG-PLATFORM-7 ] The OWASP Mobile Application Security Verification Standard classifies the flaw explained in this blog post, under section V3: Cryptography Requirements, as follows: MSTG-CRYPTO-1: …
Android, Crypto, Government-Mandated Apps, MASVS, Mobile Application Security Verification Standard, Mobile Security, Mobile Security Testing Guide, MSTG, MSTG-CRYPTO-1, Smart Sheriff, XOR