Publications | Pentest Reports

Pentest Reports

Please note all these reports were proudly published upon explicit request by the project maintainers, or the party that sponsored the penetration test in coordination with the project maintainer. Some of the following links are public partner pentest reports in which 7ASecurity participated.

Tools

OWASP OWTF, an OWASP flagship project, was originally developed by 7ASecurity and is now maintained by a worldwide team of volunteers. Download, Contribute

Presentations

Coming soon: Sexy Mobile App Attacks by Example
Chinese Police and CloudPets (blog, slides, video1, interview, video2 soon)
Pwning Mobile Apps Without Root or Jailbreak (slides)
Smart Sheriff, Dumb Idea, the wild west of government assisted parenting (slides, video)
XXE Exposed: SQLi, XSS, XXE and XEE against Web Services (slides, demo)
OWASP OWTF - Summer Storm - OWASP AppSec EU (slides, video)

Pentesting like a grandmaster (slides, interview)
VSA: The Virtual Scripted Attacker (slides)
Workshop: Introducing OWASP OWTF (slides)
Legal and efficient web app testing without permission (slides, video)
Offensive (Web, etc) Testing Framework: My gift for the community (slides)
Silent web app testing by example (slides)
Web app testing without attack traffic (slides)