Entries by Barak Tawily

Online ClickJacking/UI redressing PoC Tester

AppSec Labs is proud to introduce the ClickJacking Tester, a tool designed to let information security specialists around the world easily check online whether their websites are vulnerable to ClickJacking/UI redressing attacks: http://online.attacker-site.com/html5/ClickjackingTester/ How to Use: Open the tool in your browser. Enter your website’s URL in the text box. Check “add allow-forms to […]

AppUse and Server-Side Attacks on Android Applications

Introduction: We all know our smartphones contain a lot of sensitive information about us, from credit card details through WhatsApp correspondence, our location, pictures and more. Today we see serious development of the telephony field; banks and credit card companies are developing account management telephone applications, chat applications which hold a history of our conversations, […]

The Truth Behind the Sony Cyber Attack

In recent years, Sony Pictures Entertainment has been one of the most highly targeted companies by cyber crime groups. The last months of the year 2014 were very tough on Sony, after a cybercriminal group which identifies itself as GOP (Guardians of Peace) performed the biggest cyber-attack on Sony Pictures Entertainment. In this article I will […]

AliExpress hacked – the entire story

Introduction: As you may have heard, it was recently advertised that AliExpress, one of the world’s largest online shopping websites, was found to have substantial security shortcomings. As one of the people who discovered the vulnerability, I would like to take this opportunity to discuss the vulnerability I detected in this blog post. A few […]

How to connect a real device to AppUse

To connect a real device, follow these steps: Enable USB debugging mode: a. Open your device’s “Settings.” This can be done by pressing the Menu button while on your home screen and tapping “System Settings.” b. Scroll to the bottom and tap “About phone.” c. On the “About” screen, […]