Sign in Subscribe

ONSEC.io Research Team

Exploring Online Gambling in Europe: Understanding Cybersecurity Challenges

Exploring Online Gambling in Europe: Understanding Cybersecurity Challenges

Gambling has deep roots in European history, spanning centuries and weaving into the cultural fabric of the continent. From the grandeur of Monaco's casinos to the quaint charm of UK betting shops, it's been a cherished pastime. In recent times, though, the landscape has shifted dramatically

Lab for pentesting iOS applications. Part 2

Lab for pentesting iOS applications. Part 2

In this part of the guide, we'll walk through setting up the environment and interacting with iOS applications. Target application: DVIA-v2 Preparation At this point, your iPhone should already be jailbroken, and Frida should be installed. You can easily verify this by connecting your phone to your MacBook

Lab for pentesting iOS applications. Part 1

Lab for pentesting iOS applications. Part 1

Introduction Goal: prepare a lab for pentesting iOS applications and MiTM traffic using Frida and BurpSuite. This step-by-step guide consists of two parts. The first part is dedicated to preparing the equipment (installing the requ*ired software and jailbreaking multiple versions of iOS), while the second part covers some basic

Why is security important for MedTech?

Healthcare is one of the most critical and sensitive areas of human activity. Over the years, it has undergone changes and innovations to improve the quality of care and provide better services to patients. Modern technology has brought to this field the convenience of customer management, patient monitoring, and the

TCP Tarpit and Port Scanning. Barricades on Both Sides.

TCP Tarpit and Port Scanning. Barricades on Both Sides.

Introduction Thousands of articles have been written about port scanning, discussing techniques, methodologies, tools... Yet, even in such a seemingly straightforward topic, there are several less-covered nuances. If you regularly scan subnets, participate in bug bounties, perform penetration testing, or automate this process, then this article might be useful to

GitHub commit parsing for email and fun

GitHub commit parsing for email and fun

During security audits, we check for potential leaks of sensitive information such as source code and API keys related to the object of the investigation. These findings can expand the scope of the research and provide additional access points to the system. To verify the connection between a discovered repository

When you're so bored, you start debugging someone else's code: bug hunting in a random Cloud-Native project

When you're so bored, you start debugging someone else's code: bug hunting in a random Cloud-Native project

Intro Our team has the challenge of finding bugs in popular Cloud-Native projects on Github. It's a fun activity that is a good alternative to platforms like HTB and benefits the project we're researching. However, unlike HTB, finding a bug is not guaranteed. We wanted to