Pentest chronicles

In this section we share stories about vulnerabilities found during real-life penetration tests conducted by experienced testers. Check out our approach to testing web, mobile and desktop applications, as well as infrastructure and cloud systems. You'll get a step-by-step view of how we find vulnerabilities and the methods we advise to defend against them. Dive in and see what we've uncovered!

Latest pentest chronicle

Why you shouldn't roll your own cryptography - real-life case in 2023.

Mateusz Lewczak

August 28, 2023

In the world of IT, a common practice has emerged where cryptography is developed by a group of researchers possessing a strong mathematical background, while developers implement ready-made solutions and ensure that they are up-to-date and meet the best security practices. Taking this into consideration and adding the fact that desktop application testing is often carried out by pentesters who may overlook issues related to encryption or hashing, while focusing on searching for known vulnerabilities, it should be expected ...

All pentest chronicles

How Private Cache Can Lead to Mass Account Takeover – pentest case

Mateusz Kowalczyk

July 12, 2023

In many situations, minor vulnerabilities might seem like small fish in the vast ocean of cybersecurity threats. They’re often marked as low severity and thus, overlooked by developers who assume that the conditions for their exploitation are too complicated to be met. However, in this article, we’re going to challenge that assumption and show you …

A small oversight with big consequences: how a minor mistake can lead to the compromise of your Domain Controller.

Dominik Antończak

August 4, 2023

Have you ever wondered how much information you can glean about others through observation? In the real world, when we're in public places, we're not always conscious of who's watching us and what information they're gathering about us.

When Usernames Become Passwords: A Real-World Case Study of Weak Password Practices

Michał Wnękowicz

June 9, 2022

In today's world, ensuring the security of our accounts is more crucial than ever. Just as keys protect the doors to our homes, passwords serve as the first line of defense for our data and assets. It's easy to assume that technical individuals, such as developers and IT professionals, always use strong, unique passwords to keep their accounts secure. However, this is not always the case; for example, ...

© 2023 Securitum. All rights reserved.