Penetration Testing Engagement

Cyber attackers are relentless. They're constantly on the hunt for weaknesses, particularly in enterprise software that stores critical data. Take HPE StoreOnce, for example, a widely used backup solu...

In today’s digital age, where businesses continually grapple with cyber threats, executives must make informed decisions about securing their assets. Many organizations, eager to enhance cybersecurity...

...

In today's digital age, web applications form the backbone of many businesses, providing critical services and user interactions. As such, the security of these applications is paramount. Frameworks l...

In cybersecurity, free pentesting is a crucial resource for organizations aiming to strengthen their defenses without high costs. Penetration testing, or pentesting, simulates cyber attacks to find we...

Understanding the differences between internal and external penetration testing is crucial for safeguarding your enterprise against cyber threats. Learn which type is suitable for your business and ho...

In the rapidly evolving landscape of cybersecurity, understanding the different types of penetration tests is crucial for safeguarding your digital assets....

Penetration testing is often seen as a high-stakes, challenging career, but how tough is it really to break into and succeed in this field?...

Privilege escalation is a type of cyber-attack where an attacker gains elevated access to resources that are normally protected from an application or user. In the context of lead generation platforms...

As organizations continue to adopt modern web technologies, the need for securing web applications becomes more critical than ever. One of the rapidly growing frameworks for building interactive web a...

During a pentesting engagement at CyberAR, I discovered an open redirect vulnerability on the login page that I was able to escalate to an account takeover. In this write-up, I’ll explain how I achiev...

In today’s digital age, secure user authentication is paramount to protect sensitive information and maintain user trust. However, during a recent web application penetration test, I uncovered a criti...

During a penetration testing engagement with CyberAr, I focused on examining the security of a cloud service’s advanced features. I discovered a Server-Side Request Forgery (SSRF) vulnerability that a...

During a recent penetration testing engagement at CyberAR, we uncovered a seemingly simple yet critically impactful vulnerability in a platform designed to sync WhatsApp with CRM systems. This platfor...

While performing a pentesting engagement with CyberAR on a cloud solutions web application, I chained a vulnerability and a weird function to reach a critical impact....

While conducting web application testing, I focused on the email and password update sections, particularly the email update functionality. This feature is crucial as it contains a critical vulnerabil...

Understanding 0-click account takeover (ATO) via Google Authentication is crucial for maintaining your online security. This type of attack allows hackers to gain access to your accounts without any a...