Collaborate Disseminate
Let’s say that there’s a known digital signature issued by a trusted CA.
Normally, digital signatures need to be evaluated: checked if they are expired, revoked, if there’s a problem in the chain of trust. However, if these aspects are a g… Continue reading Is hashing a digital signature for quick (but incomplete) validation a known and/or acceptable practice?
If the hacker decides to attack the system, the first step is reconnaissance.
But if the system the hacker attacks is exotic, sometimes they’d need to develop the tools or "drivers", or modify the existing software/tools for the… Continue reading Is there a term for one specific step at beginning of reconnaissance?
Is there a financially feasible way to deploy a tiny (Bluetooth/Wifi range) mobile network to pentest mobile phone cellular capabilities?
I understand that everything is potentially an attack vector, but I would like to ask a practical question about UDP ports
Suppose you’re pentesting some small organisation and you found a couple of open UDP ports. Some of t… Continue reading Is there practical risk to having UDP ports open?