August 7, 2019

Learn about IoT Device Penetration Testing

A year ago, when I was fresher in the term of IoT security, I was very curious about the approaches for penetration testing on smart devices.  […]
August 5, 2019

How to Start IoT device Firmware Reverse Engineering?

IoT device Firmware Reverse Engineering:  It is a process to understand the device architecture, functionality and vulnerabilities present in the device incorporating different methods. Firmware: Piece […]
August 2, 2019

FB50 Smart Lock Vulnerability Disclosure (CVE-2019-13143)

Executive Summary Our security engineers found vulnerabilities in the FB50 smart lock mobile application. An information disclosure vulnerability chained together with poor token management lead to […]
July 16, 2019

XSS Auditor no more part of Google Chrome

Yes, you heard correct Google Chromium devs announced the news about XSS auditor. The XSS auditor time and again bypassed by the client security researcher to […]
July 7, 2019

SecureLayer7 at RISE Conference, Hong Kong 2019

RISE Conference Hong Kong 2019 is Asia’s largest tech conference, and SecureLayer7 is selected in the Alpha program. At SecureLayer7, we decided to release our signature […]
June 27, 2019

Identifying UART Pins Without a Multi-Meter

As someone who likes to tinker with hardware, we often find ourselves opening up a device to find UART pins which are originally meant for debugging […]
June 27, 2019

Arm Exploitation Series #1 — Introduction to the ARM Architecture

With the increasing growth in Internet-Of-Things (IoT) devices, it is an absolute necessity to scrutinize the security of these devices too, especially when they’re going to […]
April 20, 2019

Exploring, Exploiting Active Directory Pen Test

Active Directory (Pen Test ) is most commonly used in the Enterprise Infrastructure to manage 1000’s of computers in the organization with a single point of […]
April 17, 2019

OWASP Top 10 – What are Different Types of XSS ?

Cross Site Scripting (XSS) is the most popular web application vulnerability. It is a code injection attack that allows attackers to execute malicious JavaScript code in […]