Home | VerSprite Resources

Attack Surface

We are passionate about helping our clients chart a course that brings security and business together.

Artificial Intelligence

Blog Post

AI and Cybersecurity: Threats and Opportunities

In this article, we’ll discuss the benefits and threats of AI and machine learning tools in cybersecurity applications.

Learn more

Chrome Exploit

Blog Post

Chrome Exploitation:

To teach Chrome exploitation to my team, I’ve selected a previous 0day RCE that I found last year for my company VerSprite: CVE-2021-21224 https://crbug.com/1195777, and I’ve paired it with a SBX bug found by Tim Becker: https://crbug.com/1062091.

Learn more

Cyber Attacks on Smart Cars

Blog Post

Exploit Development

Cyber Attacks on Smart Cars Using SDR

The aim of this research is to uncover the vulnerabilities of the keyless smart cars as well as to hack and exploit them through the technologies like software defined radio (SDR) and devices GNURadio and HackRF.

Learn more

Android

Blog Post

Exploit Development

Exploring Android Vulnerabilities and Binder: Part II Building POC Code with Android NDK

This blog continues Part I of the android exploitation experiment. We build a proof-of-concept code with an Android NDK. UAF vulnerability (CVE-2019-2215)

Learn more

Android Vulnerability

Blog Post

Exploit Development

Exploring Android Vulnerabilities and Binder: Part I

This blog post will trigger a UAF vulnerability (CVE-2019-2215) in Binder from scratch. After preparing the necessary environment and tools, we will reach the KASAN output with the POC exploit.

Learn more

Blog Post

Exploit Development

What is Responsible Disclosure?

What is responsible disclosure? In this article, VerSprite will outline a typical process for zero-day vulnerability reporting, the ethics behind hacking, and provide real-world examples of our responsible disclosures.

Learn more

Embedded Device Surface Attacks | IoT Security | VerSprite Cybersecurity Advisory

Blog Post

Embedded Device

What You Need to Know About Embedded Device Attack Surfaces

Embedded Device security is increasingly more important to discuss as more everyday and critical medical devices are equipped with them. Learn from our IoT security experts how embedded device security testing can reduce common local & remote attack surfaces.

Learn more

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Video

Multi-Factor Authentication

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Utilizing reverse proxies offers a more advanced approach for creating phishing web pages that not only allow the Victim User to fully authenticate to their account through a malicious site, but also how to automate the theft of information within the account.

Learn more

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

Blog Post

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

When performing vulnerability research, it is essential to make sure that all attack vectors concerning exploitation are exhausted. One avenue of exploitation comes from the Windows registry.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos