Our Blog

Our news

All you need to know

Press Release – London Hacking & Security Courses

Reading time: ~2 min
School’s never out for the Pro! We’re proud to announce that we are now offering our highly successful penetration testing...

Competition winner announced

Reading time: ~2 min
On Saturday Dec 3, at BSides Cape Town we announced the winner of a prize for local information security research....

R5000 ZA research prize to be presented at B-Sides Cape Town, nominations sought

Reading time: ~3 min
SensePost is proud to announce a competition to identify the best information security research published by a resident of South...

Mobile Security Summit 2011

Reading time: ~1 min
This week, Charl van der Walt and I (Saurabh) spoke at Mobile Security Summit organized by IIR (http://www.iir.co.za/detail.php?e=2389). Charl was...

Squinting at Security Drivers and Perspective-based Biases

Reading time: ~12 min
While doing some thinking on threat modelling I started examining what the usual drivers of security spend and controls are...

Metricon 2011 Summary

Reading time: ~5 min
[I originally wrote this blog entry on the plane returning from BlackHat, Defcon & Metricon, but forgot to publish it....

Decrypting iPhone Apps

Reading time: ~6 min
This blog post steps through how to convert encrypted iPhone application bundles into plaintext application bundles that are easier to...

Be Inspired

Reading time: ~1 min
Talented Innovative Quality driven Forward thinking Trusted advisors And …simply good fun! These are all phrases associated with SensePost. Do you...

Press Release – Jane Frankland joins SensePost

Reading time: ~2 min
The SensePost marketing division, a highly skilled team of ruthless spin-doctors, is proud to announce that they have written …...

Black Hat Abu Dhabi && Cadet Online Edition

Reading time: ~1 min
Black Hat will host its second event in the Middle East in Abu Dhabi with a full contingent of selected...

Runtime analysis of Windows Phone 7 Applications

Reading time: ~2 min
Runtime analysis is an integral part of most application security assessment processes. Many powerful tools have been developed to perform...

Hacking Online Auctions – UnCon && ITWeb talk

Reading time: ~2 min
I gave an updated version of my ‘Hacking Online Auctions’ talk at UnCon in London last week. The talk gave...

Systems Applications Proxy Pwnage

Reading time: ~2 min
[2011/9/6 Edited to add Slideshare embed] I am currently in London at the first ever 44con conference.  It’s been a...

SensePost @ 44Con – Join us!

Reading time: ~1 min
Until recently, there was a distinct lack of decent, high-quality technical security conferences held in the United Kingdom. Home to the...

Metricon6 Presentation

Reading time: Less than a minute
Dominic is currently in the air somewhere over the Atlantic, returning from a long trip that included BlackHat, DefCon and...

BlackHat 2011 Presentation

Reading time: Less than a minute
On this past Thursday we spoke at BlackHat USA on Python Pickle. In the presentation, we covered approaches for implementing...

Security Policies – Go Away

Reading time: ~4 min
Security policies are necessary, but their focus is to the detriment of more important security tasks. If auditors had looked...

SensePost Black Hat Course Summary & chosing the right courses

Reading time: ~1 min
As we draw nearer to Black Hat Vegas we get a lot of requests from people who need help choosing...

House of Cards

Reading time: ~4 min
In light of recent mass hacks (HBGary, Sony, Nintendo,  etc) one would have thought that collectively, companies would take notice...

Threat Modeling vs Information Classification

Reading time: ~3 min
Over the last few years there has been a popular meme talking about information centric security as a new paradigm...

From the International Conference on Cyber Conflict

Reading time: ~9 min
The text that follows is a short statement I prepared for the press ahead of my presentation at the ‘The...

Hacking By Numbers: W^3 Edition

Reading time: Less than a minute
Well, we’re ramping up with the new Hacking By Numbers W^3 edition course we will be presenting at BlackHat Vegas...

Hacking by Numbers: BlackOps Edition

Reading time: Less than a minute
The brand new BlackOps HBN course makes its debut in Vegas this year. The course finds its place as a...

Incorporating cost into appsec metrics for organisations

Reading time: ~17 min
A longish post, but this wasn’t going to fit into 140 characters. This is an argument pertaining to security metrics,...

Hacking by Numbers: Bootcamp Edition

Reading time: ~2 min
Salut à tous, It’s that time of the year again and like every year, we’ll once again be running our...

Rhodes MSc Information Security Weekend

Reading time: ~3 min
An education isn’t how much you have committed to memory, or even how much you know. It’s being able to...

Cadet Training

Reading time: ~1 min
You’ve seen the movies. You’ve seen the cooler than life characters hacking systems using obscure keyboards and operating systems that...

ITWeb Security Summit

Reading time: Less than a minute
The ITWeb Security Summit is creeping up on us again and will be happening on the 10-11th of May. This...

To understand the battlefield, you need a broad view

Reading time: ~3 min
It is always a little bemusing to hear that we only provide pentests. Since 2001, SensePost has offered a very...

BlackHat Barcelona Training

Reading time: ~1 min
Hola amigos, We will be running our elite “Combat Training” at the BlackHat Briefings in Barcelona this March (talk lineup) and...

The Yeti is here

Reading time: ~1 min
After several months of dedicated … uh dedication, our new network footprinting tool is being made available to the masses....

Training – lots of stuff(c)

Reading time: ~2 min
Hey. Charl here. Lots of stuff is happening on the training front right now (ed: right now!), and I wanted...

Happy New Year gift: source code!

Reading time: ~1 min
If you use the Gregorian Calendar, then Happy New Year! Down here in South Africa, we’ve also ushered in a...