Home | VerSprite Resources

Attack Surface

We are passionate about helping our clients chart a course that brings security and business together.

Cyber Attacks on Smart Cars

Blog Post

Exploitation of Vulnerabilities

Cyber Attacks on Smart Cars Using SDR

The aim of this research is to uncover the vulnerabilities of the keyless smart cars as well as to hack and exploit them through the technologies like software defined radio (SDR) and devices GNURadio and HackRF.

Learn more

Android

Blog Post

Android Vulnerabilities and Exploits

Exploring Android Vulnerabilities and Binder: Part II Building POC Code with Android NDK

This blog continues Part I of the android exploitation experiment. We build a proof-of-concept code with an Android NDK. UAF vulnerability (CVE-2019-2215)

Learn more

Android Vulnerability

Blog Post

Exploitation of Vulnerabilities

Exploring Android Vulnerabilities and Binder: Part I

This blog post will trigger a UAF vulnerability (CVE-2019-2215) in Binder from scratch. After preparing the necessary environment and tools, we will reach the KASAN output with the POC exploit.

Learn more

Blog Post

Reverse Engineering

What is Responsible Disclosure?

What is responsible disclosure? In this article, VerSprite will outline a typical process for zero-day vulnerability reporting, the ethics behind hacking, and provide real-world examples of our responsible disclosures.

Learn more

Embedded Device Surface Attacks | IoT Security | VerSprite Cybersecurity Advisory

Blog Post

What You Need to Know About Embedded Device Attack Surfaces

Embedded Device security is increasingly more important to discuss as more everyday and critical medical devices are equipped with them. Learn from our IoT security experts how embedded device security testing can reduce common local & remote attack surfaces.

Learn more

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Video

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Utilizing reverse proxies offers a more advanced approach for creating phishing web pages that not only allow the Victim User to fully authenticate to their account through a malicious site, but also how to automate the theft of information within the account.

Learn more

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

Blog Post

Exploit Development

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

When performing vulnerability research, it is essential to make sure that all attack vectors concerning exploitation are exhausted. One avenue of exploitation comes from the Windows registry.

Learn more

Microsoft Outlook for Android Vulnerable to Cross-Site Scripting

Blog Post

Microsoft Outlook for Android Vulnerable to Cross-Site Scripting

Microsoft published an advisory on a critical vulnerability found in the Microsoft Outlook Android application. The attack happens when an email is sent to the victim with an embedded hidden code.

Learn more

Exploitation-Remote-WCF-Vulnerabilities

Blog Post

Exploitation of Remote WCF Vulnerabilities

In this blog, we’ll be discussing the discovery, analysis, and exploitation of CVE-2019-8917 which is a remotely exploitable WCF vulnerability that we discovered in SolarWinds Orion NPM 12.3.

Learn more

We are an international squad of professionals working as one.

Email

sales@versprite.com

logos