Articles by: Antonio Torralba

In-depth Freemarker Template Injection

During a recent engagement, our AppSec team faced an interesting instance of limited Server Side Template Injection in Freemarker.

Recovering SQLCipher encrypted data with Frida

Our AppSec team has faced the SQLCipher library during some recent security audits of mobile applications. According to their GitHub README:

Regarding the recently discovered RCE in Git

Etienne Stalmans (@_staaldraad) recently discovered a Remote Code Execution vulnerability in the version-control software Git (CVE-2018-11235).

KRACK or “How WPA2 did not die”

Mathy Vanhoef published a set of attacks against the Wi-Fi security protocol WPA2 with the name Key Reinstallation Attacks, or KRACKs.