Introduction: Hack The Box (HTB) Prolab - Dante offers a challenging and immersive environment for improving penetration testing skills. This is a Red Team Operator Level 1 lab. This lab demands ex...
Exploring HTB Prolab Dante - A Technical Review + Tips
How to Decompile a Hermes React Native Binary (Android Pentest)
Overview: At Cognisys, our days are filled with uncovering the intricacies of various applications, but some projects stand out due to their complexity and the insights they provide. Recently, we t...
Breaking Custom Encryption Using Frida (Mobile Application Pentesting)
Overview: It was a typical day at Cognisys, where we were engaged in routine Android application testing. However, this session took an intriguing turn when we encountered a unique encryption imple...
Burp Suite Certified Practitioner Exam (BSCP) Review
At Cognisys, we are driven by experts in cybersecurity. Our team comprises individuals with extensive skills and a deep understanding of the field, always ready to secure your business. In the eve...
Breaking Login Pages
As normal internet users, we come across login pages daily, but as a security guy, one is always curious to find ways to bypass the login panels. Hi everyone, we hope you are all doing great. In this...
Securing the Insecure Objects
Overview: Greetings, everyone! In this blog, our Application Security Specialist, Punit, will be talking about a critical security category. Punit’s primary role within our team involves penetration...
An Interesting XSS-Bypassing WAF
Overview: Greetings, everyone! I’m Punit, an Application Security Specialist working with Cognisys Group. My primary role involves being a Pentester with expertise in testing the security of Web, M...
Advanced Module Stomping & Heap/Stack Encryption
Overview: This blog will talk about the in-depth analysis and implementation of: heap allocation encryption while sleeping; thread stack encryption while sleeping; reverting stomped module...
Writing your first Frida script for Android
Overview: Hi everyone, I hope you are all doing amazing. My name is Rajveersinh Parmar and I’m an Application Security Consultant at Cognisys, specialised in Web, Mobile and API Pentesting. In this...
Combining Indirect Dynamic Syscalls and API Hashing
Overview: This blog will talk about in-depth analysis and implementation of: API hashing, how to resolve a module’s base address and an API’s base address from the PEB using C & WinDbg. Indirect ...