Entries by Gilad Ofir

Guidelines for pentesting security systems

29/12/2016 /0 Comments/in /by

How do you perform a security test? Ever wanted to perform a penetration test on a security system (website, application, mobile and etc.) and just didn’t know where to start? These days, companies are very concerned about the security in their applications due to the increase in the number of disclosed vulnerabilities and exploits which can […]

Advanced Packet Editor – TCP/HTTP Client-Server Proxy

01/06/2016 /0 Comments/in /by

The Advanced Packet Editor (APE) is an open-source project for a TCP and HTTP-based proxy that allows you to intercept and manipulate communication between clients and servers. We at AppSec Labs have taken the project, modified and improved it into a useful tool for application penetration testing. This tool is under the GPL license (for […]

New SSL Vulnerabilities – Spoofing CA Certificates

10/08/2015 /0 Comments/in /by

OpenSSL is a widespread, open-source SSL protocol application and is widespread and used by numerous projects and organization for providing rapid, adaptable and “secure” solution. OpenSSL has recently reached headlines again, but on a bad note. As of late (the past two years or so), the older and current versions of SSL have suffered from […]

SSL FREAK Vulnerablity

12/03/2015 /2 Comments/in /by

As security experts, AppSec Labs can help you protect against SSL based attacks as well as keeping our website, www.appsec-labs.com safe from these attacks. SSL/TLS is a transport encryption protocol which is used by most applications and infrastructure to provide confidentiality and integrity for safe communication between a client and a server.