Improved Canned Air Attacks Against REX Sensors

Bypassing Request-to-Exit (REX) sensors with canned air and other mediums isn’t a new attack, and is widely used as a covert method of entry. However, there are times where this attack could be possible, but certain elements such as a small physical gap that the straw can’t fit through, REX sensor being farther away, etc., … More Improved Canned Air Attacks Against REX Sensors

Hacking Gift Cards

To better understand how it is possible to hack gift cards, we’ll demonstrate weaknesses with gift cards, balance checking, and how hackers can enumerate gift cards even without knowing the card holder. It is important to explain that the technique can be applied to any gift card that’s not using a CAPTCHA or a pin, … More Hacking Gift Cards

Point-of-Sale System Security Analysis : How hackers gain access to POS systems in retail and restaurants

Recently, we assessed two point-of-sale (POS) systems for clients in different industries – Retail and Restaurants. POS systems are the latest and greatest hacking target taking place around the nation. In the last couple of years, we’ve read a lot about big organizations being hacked and credit card information stolen. In these instances, terminals from the … More Point-of-Sale System Security Analysis : How hackers gain access to POS systems in retail and restaurants

Proxmark 3 Cheat Sheet and RFID Thief Instructions

Found some awesome write-ups from Alex Dib regarding building your own RFID cloner and a useful Proxmark3 cheat sheet, and wanted to share! Proxmark3 Cheat Sheet Great cheat sheet for those using the Proxmark3 software. https://scund00r.com/all/rfid/2018/06/05/proxmark-cheatsheet.html   RFID Thief v2.0 Very detailed write-up for building your own long-range RFID cloner. https://scund00r.com/all/rfid/tutorial/2018/07/12/rfid-theif-v2.html    

Internet Enumeration and Discovery – Know Your Network Footprint

One of a company’s most important responsibilities is to know its network footprint. Many large corporations are compartmentalized, and different groups have different responsibilities that rarely overlap. It’s not uncommon for a company to have multiple class-C IP address ranges, along with third-party hosted websites, and not really realize they exist within the organization’s assets. … More Internet Enumeration and Discovery – Know Your Network Footprint