Mar 092017
 

Part IV: Customizations – Custom Kernels and building Chroots This is the blog part 4 of building your custom Pentesting device. If you haven’t read the previous blogs, here are the links to them: – Part I Part II Part III So, now let’s get started with adding our own set of firmware support and customizations in the kernels. By default, the kernels supplied by the manufacturers are pretty restrictive because they want users to Read More…

Feb 022017
 

Part III: Cracking the Lid – Rooting and Unlocking Bootloaders This is part 3 of building your own mobile pen-testing device. Here’s the link to part 2 and part 1. Before we get started to cracking our device, let’s take a look at how our end device would look like: Oneplus One with Alfa NHR in monitor mode Full-fledged Kali with xfce environment running on Oneplus One So let’s get started and let me clear Read More…

Jan 312017
 

INTRODUCTION GSM also known as “Global System for Mobiles” is a world-wide standard for digital cellular telephony, it is a published standard by the European Telecommunications Standards Institute (ETSI), and it is widely implemented in Europe, Asia and, increasingly, America. The GSM network is divided into three major systems: the Network Switching System (NSS), the Base Station Subsystem (BSS), and the Operation and Support System (OSS). As we know that GSM is a broken protocol Read More…

Jan 182017
 

Part II: The Technicalities – Linux Kernels and chroots This is part 2 of building your own mobile pen-testing device. Here’s the link to part 1. So, now that we know how basic rooting and flashing works, let’s get a bit deeper into the internals of the Android system and see to what extent it is similar to the Linux operating system. The main core of the Android system is the kernel, and this is Read More…

Jan 112017
 

Part I: The Prologue – Android rooting Background In the game, Watchdogs, the hacker ‘Aiden Pierce’ uses his cell phone alone to hack into organizations or perform MITMs (Man in the Middle Attacks). This got me thinking, what if I could build my own mobile pen-testing device and started my research on the same. After 2 years of intermittent toying around and bricking 2 Sony Xperia devices, I could successfully build a mobile low-budget but Read More…

Dec 212016
 

Introduction Over the past few years, bug bounties have begun to garner mainstream attention. With over 150 companies offering their own bug bounty programs and hundreds of others working with the likes of BugCrowd and HackerOne, it is really no longer a question of whether you should start a bug bounty program or not, but rather when and how you should be running it. Let’s begin by taking a look at the various possible options: Read More…

Aug 292016
 

Introduction Ransomware is a malware which encrypts all files on disk and prevents the users from accessing their system. It has become a raging epidemic and has impacted thousands of organizations all across the globe. The new generation of ransomware, such as Locky and Zepto are delivered via spam e-mails with the common aim to extract money from the prey. Source of Infection Most organisations have substantial information security appliances such as anti-virus software, IPS/IDS Read More…