eLearnSecurity Blog


Network Attack Demo from XSS to Domain Admin


Active Directory policies can be used by system administrators to deploy system and user preferences, secure systems, lock down workstations, create user accounts, etc. By default, Active Directory policies have Read permissions granted to domain users.

IT Security Researcher Davide Girardi (aka GiRa) attempts to gain full access to a local administrator account's records as well as execute an escalation to a full domain admin account.


12 Questions with eLearnSecurity Founder, Armando Romeo


Every pentester starts somewhere. For those interested in starting a career in IT security, it's good to learn from professionals who have been in the industry for a considerable amount of time. We had an opportunity to chat with Armando Romeo, CEO and Founder of eLearnSecurity, where he shared his thoughts and opinions about penetration testing, hacking, and cyber security.


3 Common Security Mistakes Mobile App Developers Make and How to Fix Them


Following our blog post last week about the brute-force vulnerability that affects over 600 million smartphones, we asked IT Security Researcher Francesco Stillavato for his thoughts on common security mistakes that mobile application developers make and how to fix them.

Security is a very important feature and should not be taken for granted when developing mobile apps.


How to Prevent Brute Force Attacks in Mobile Applications


Research revealed that over 600 million smartphone users have their mobiles at risk because mobile apps allow an UNLIMITED number of login attempts. AppBugs, a mobile security firm, tested 100 of the most popular Android and iOS applications that support password-protected accounts, with each app registering at least one million downloads.


2 Security Researchers Rewarded a Million Air Miles Each


Two information security researchers each received 1 million air miles from United Airlines for uncovering vulnerabilities in its systems.

A couple of months ago, we wrote about this airline's bug bounty reward program, and now two IT security researchers have earned the maximum payout reward.
