7ASecurity is proud to share the results of our security audit of LitmusChaos. LitmusChaos is an open source chaos engineering platform for a multitude of cloud platforms. With the help of the Open Source Technology Improvement Fund (OSTIF) and the Cloud Native Computing Foundation, this project can continue to provide secure chaos testing environments for …
7ASecurity audit, chaos engineering, cloud security, CNCF projects, Open Source Security, OSTIF, Penetration Testing, pentesting, privacy, public report, public security audit, Security Audit, Security News, Security Vulnerabilities
About V2Ray is a versatile network utility that provides a platform for building proxies to bypass network restrictions—enabling users to access the internet safely and privately in restricted contexts where surveillance and censorship are prevalent. In addition to being open source, V2Ray is designed with encryption and obfuscation functions that make it harder for surveillance forces …
bypass restrictions, cybersecurity, digital privacy, internet censorship, Network Security, online privacy, open source, OTF, Penetration Testing, Security Audit, Security News, V2Ray, Vulnerability Assessment
7ASecurity is proud to share the results of our security audit of OpenTelemetry. OpenTelemetry is an open source project for generating and collecting telemetry data for software analysis. With the help of the Open Source Technology Improvement Fund (OSTIF) and the Cloud Native Computing Foundation (CNCF), this project will experience strengthened security health as it moves to graduation status with the …
CNCF, Open Source Security, open source software, OpenTelemetry, OSTIF, Penetration Testing, pentesting, privacy, public report, public security audit, Security Audit, Security News
The sun is out, and the days are long – perfect for tackling some cybersecurity learning! Here at 7ASecurity, we’re celebrating summer with a 50% off sale on all our self-paced courses. Use code SUMMER50 at checkout to unlock a treasure trove of hacking knowledge. But hurry, this offer ends on August 31st, so don’t …
beginners, cybersecurity, discount, ethical hacking, intermediate, mobile app penetration testing, online courses, Penetration Testing, self-paced learning, summer sale, Web Application Security
About CoverDrop Whistleblowers need a secure method to initiate contact and build trust with journalists. Existing tools often cater to later-stage correspondence, leaving crucial, early touch-points vulnerable to surveillance. In addition, many of these tools are difficult to find on newspaper websites, hard to use securely, and offer insufficient user guidance. After conducting workshops with …
Android Security, CoverDrop, iOS Security, Journalism Security, Mobile Security, Open Source Security, OTF, Penetration Testing, Pentest, pentesting, Secure Communication, Security Audit, Security Awareness, Security News, Signal Protocol, Whistleblower Protection, White Box Testing
Why Should You Do a Pentest? Good question! But first things first: What is a pentest? A penetration test, or pentest, is a simulated cyber attack on a computer system, network, or application to identify and exploit security vulnerabilities. The goal is to assess the security posture of the target and provide recommendations for improving …
Have you ever wondered why it is essential to conduct penetration testing regularly in today’s evolving digital landscape? With cyber threats becoming more sophisticated, businesses and cybersecurity professionals must stay one step ahead to protect sensitive data and maintain trust. In this blog, we’ll look at penetration testing. We will highlight its importance, benefits, and …
About Opaque Opaque is a JavaScript package to allow secure password-based, client-server authentication without the server ever obtaining knowledge of the password. Audit Description Through OTF’s Red Team Lab, 7ASecurity conducted a penetration test and whitebox security review of Opaque. A whitebox review is a form of application testing that provides the tester with complete knowledge of the application …
cybersecurity, JavaScript, Opaque, Open-source, OTF, Password authentication, Penetration Testing, privacy, Security, Security Audit, Security News, Web development
About Disguiser Disguiser is a novel framework that enables end-to-end measurement for accurately and comprehensively investigating global internet censorship practices. It’s challenging to conduct large-scale internet censorship measurement, as it involves triggering censors through artificial requests and identifying abnormalities from corresponding responses. Due to the lack of “ground truth” on the expected responses from legitimate services, …
In the pursuit of cost-effective cybersecurity solutions, automated “pentests” may seem enticing. However, the real test cost extends beyond affordability. Challenges of Automation: Automated tools miss critical issues, leading to false negatives (missed vulnerabilities) and wasted effort on false positives (fake findings your team must review). The True Test Cost: Skilled testers provide accurate insights, …