Latest researches about founded vulnerabilities and how you can try to play with them

wired graph 1 1

The short story about Clubhouse user scraping and social graphs

TL;DR During this RedTeam testing, we used Clubhouse as a social engineering tool to find out more about our client's employees. UPDATE: While we were preparing this article for publication, ...
arrow
logo kr00k

r00kie-kr00kie. Exploring the kr00k attack

TL;DR We created and published a PoC exploit of the kr00k attack (CVE-2019-15126): https://github.com/hexway/r00kie-kr00kie All technical details can be found in the Process section. INTRODUCTION AND MOTIVATION In February 2020, ...
arrow
funshield

Piercing the Shield. Breaking the FunctionShield cloud security library

TL;DR We've found a vulnerability in FunctionShield, a cloud security library, that allows bypassing its tightest restrictions completely. All technical details can be found in the "Process" section. Cloud computing ...
arrow
Rectangle 36

Apple bleee. Everyone knows What Happens on Your iPhone

Users value their privacy, and Apple understands that. We even see related PR activities. "What happens on your iPhone, stays on your iPhone." Let's see if it's true. TL;DR If ...
arrow
red team

Try Hive now

online demo
red team