Step-by-step how to deanonymize emails on LinkedIn

We have previously talked about LinkedIn having an endpoint for Outlook profile cards. This endpoint is receiving email addresses as input and returns the complete profile information (name, company, location, etc.). These sorts of APIs can be abused for OSINT. To...

Creating A Custom View for WebSocket in ZAP

When we were looking at the interactions between the Outlook and the LinkedIn APIs, we encountered WebSocket communications that used some additional encoding. The encoding was nothing too complex, but it was uncommon. It turned out to be LZip compression. However,...

Auditing CSP headers with Burp and ZAP

Content Security Policy (CSP)  is a HTTP header that instruct the browser to limit resource loading of media, styles and scripts. As you may know, CSP is not adopted yet by industry. Multiple surveys have already been made about the adoption of the security...
Titan Managed Detection & Response
Next-Generation Antivirus
Endpoint Detection & Response
Network Detection & Response
Inbox Detection & Response
Insider Threat Detection & Response
Managed Firewall
Managed SIEM
Vulnerability Management as a Service
GoSecure Titan
Titan Software
Email Security
Web Security
ResponderPRO Forensics Toolkit
Advisory Services
Breach Readiness Services
Cybersecurity Assessment
Security Compromise Assessment
Ethical Hacking
Incident Response & Forensics
Compliance & Audit
3rd Party Technology

Pin It on Pinterest