Our Blog

Building an offensive RPC interface

Reading time: ~28 min
Using the Windows Remote Procedure Call (RPC) interface is an interesting concept when conssidering the fact that it allows you...

blackhat_defcon_virtual_vegas_2021.zip

Reading time: ~8 min
Phew! This year’s hacker summer camp is packed with presentations from several hackers across the globe at Orange Cyberdefense. I...

Come do Wi-Fi!

Reading time: ~5 min
Wi-Fi is everywhere and having a better understanding of it can fair you well! Over the years we have made...

Exploring The Fundamentals

Reading time: ~9 min
We are excited to be presenting our Hands-on-Hacking Fundamentals (HHF) course at this year’s BlackHat USA 2021 conference. In our...

Our Enterprise Infrastructure Hacking Course

Reading time: ~4 min
Here at Orange Cyberdefense, clients often ask us to test and help secure their infrastructure. We do this a lot....

Adventures into HTTP2 and HTTP3

Reading time: ~21 min
A few months ago I was exploring the write-ups and video solutions for the retired HackTheBox machine – Quick. It’s...

From 500 to Account Takeover

Reading time: ~10 min
Introduction What seemed like a regular Cross-site Scripting (XSS) vulnerability on an HTTP 500 “Internal Server Error”-page, I managed to...

on ios binary protections

Reading time: ~10 min
I just got off a call with a client, and realised we need to think about how we report binary...

dwn – a docker pwn tool manager experiment

Reading time: ~10 min
Years ago I learnt docker basics because I just couldn’t get that $ruby_tool to install. The bits of progress I’d...

Android Application Specific Proxies, Easy Mode

Reading time: ~7 min
In this post I want to share two things. First, a quick primer on how you would you go about...

Duo Two-factor Authentication Bypass

Reading time: ~8 min
It’s too easy when hacking, to assume something is invulnerable and not interrogate it. This was the case for me...