Announcing PyRDP 1.0

This post outlines the changes and new features that were added in the PyRDP 1.0 release and explores what is in store for future PyRDP development efforts. Over the last few years PyRDP has secured itself as a strong candidate for both offensive security engagements...

WSUS Attacks Part 1: Introducing PyWSUS

At GoSecure, we work hard to illustrate the impact of our pentest findings on our clients’ security posture. In the past few years, we found numerous organizations with vulnerable Windows Server Update Services (WSUS) deployments. However, no tool (reliable enough to...

Bypassing Xamarin Certificate Pinning on Android

Xamarin is a popular open-source and cross-platform mobile application development framework owned by Microsoft with more than 13M total downloads. This post describes how we analyzed an Android application developed in Xamarin that performed HTTP certificate pinning...

RDP Man-in-the-Middle – Smile! You’re on Camera

As part of our four-month internship at GoSecure, we chose to work on creating a Remote Desktop Protocol (RDP) honeypot. To achieve this, we used a Linux server with an RDP man-in-the-middle (MITM) program that redirects traffic to a real Windows Server. When...

Pin It on Pinterest