Welcome to the community of ethical hackers.

We test the security of modern technologies.

Hacking Lab
Services

In our offer of services you will find a wide range of penetration tests and also specialized services, such as ATM hacking, Red Teaming or social engineering tests.

IoT Testing

Get your smart devices tested and get ahead of the competition. If a vulnerability is found, you will receive a detailed report with a description and a proposal for measures that will lead to the removal of the identified security threats.

Articles

OSTATNÍ
Format String Vulnerability

Since the late 1990s, the vulnerability of format strings has been known to the public and is still used to this day. When exploited, an attacker can modify memory and even execute custom code in addition to reading memory. This …

APPLICATION SECURITY
Remote Code Execution in JXPath Library (CVE-2022-41852)

On 6th October 2022 new CVE was released for critical vulnerability with identifier CVE-2022-41852. This vulnerability affects Java library called Apache Commons JXPath, which is used for processing XPath syntax. All versions (including latest version) are affected by this vulnerability.

DEVICE SECURITY
Car Hacking Introduction

How to control a car remotely? Or, how to unlock a car without brute force? In this article, we will answer not only the questions above, but many others too. We will take a look at the systems in modern …

APPLICATION SECURITY
PEnetration TEsting Proxy (PETEP)

Capturing network communication based on the TCP protocol and modifying it by creating a specialized Man-in-the-Middle proxy is one of many practices used for searching for security flaws in network applications. In this article, we will focus on the use of the cross-platform open-source application PETEP for testing fat clients using TCP protocols and show a simplified attack procedure on …

DEVICE SECURITY
Audit ATM – Replay Attack

ATMs have been an integral part of our lives for several decades now. But is the money really safe?

DEVICE SECURITY
Akuvox – Intercom and Doorbell (IoT Case Study)

We come with the next part in the series on the security of commonly available IoT devices. This time we will take a look, beside other things, at a smart doorbell – can an attacker watch you through its camera? Will the bell open the front door even without PIN? We tested the device literally "through and through". Come and …

SOCIAL ENGINEERING
Bash Bunny – Guide

In this article, we will discuss detail a very interesting device called Bash Bunny in detail. Let’s take a look at how to obtain, configure, write your own custom payloads, and use the Bash Bunny to launch effective attacks.

REVERSE ENGINEERING
Analysing Suspicious File "Outstanding Payment.jar" - Part 3

What is the actual functional equipment of the malware under investigation, and what options does it offer to the attacker if successfully implemented? If there is an infection, is it enough to delete one file or is a complete system reinstallation required? The final part of the three articles on the analysis of a suspicious Java file discusses the very …

SOCIAL ENGINEERING
Social Networks, New Platform for Social Engineering Attacks

Social networks allow us to connect with people from all over the world in almost no time. These platforms have changed the way we interact with others. In earlier times, the first thing we did in the morning was to …

REVERSE ENGINEERING
Analysing Suspicious File "Outstanding Payment.jar" - Part 2

How to use static analysis for cracking the encryption used by the author of the malware, and what information can be revealed about the author? The second part of an article on the analysis of a suspicious Java file out of three describes the penetration of another protective layer and partially uncovers the attacker.

Teams & Hackers

HackingLab

Choose team

Choose hacker

HackingLab

Choose team

Choose hacker