5 July 2023
Extending Burp Suite for fun and profit – The Montoya way – Part 2
Setting up the environment + Hello […]
5 July 2023
Extending Burp Suite for fun and profit – The Montoya way – Part 1
-> Setting up the environment + […]
13 June 2023
Pentesting Xamarin Android apps: DLLs and root check bypass
In this article, I’ll show how […]
11 May 2023
Cracked password analytics with Kraken
Hi! We are releasing Kraken, HN […]
6 April 2023
Celebrating two years of HN Security
Hello there! Please allow me a […]
27 February 2023
Abusing Maven’s pom.xml
Apache Maven is a well-known tool […]
18 January 2023
Nothing new under the Sun – Discovering and exploiting a CDE bug chain
“What has been will be again, […]
21 December 2022
A journey into IoT – Unknown Chinese alarm – Part 4 – Internal communications
Disclaimer: as many other security researchers […]
22 November 2022
Burp Suite and Protobuf
Hi, Last year (I know, I’m […]
12 October 2022
Semgrep rules for Kotlin security assessment
Hi, I recently had the chance […]
7 September 2022
Groovy Template Engine Exploitation – Notes from a real case scenario
Java web applications are far from […]
22 August 2022
Useless path traversals in Zyxel admin interface (CVE-2022-2030)
During our analysis of Zyxel’s device […]