Estimated difficulty: 💜💜🤍🤍🤍 This post will walk you through what a JavaScript interface is and how you might retrieve the Java object from the application into the application WebView using this method. A WebView is pretty much what it says on the tin. Android applications can define a WebView within Continue Reading
The Importance of Not Doing Work: Avoiding Burnout Part Two
So in hindsight this title is a tad misleading, I’m definitely not suggesting to drop all your job responsibilities in a blink of an eye…! But rather evaluate your work/life balance to ensure you’re prioritising your mental health above all – as of course, you should always be your first Continue Reading
Android Attack: Reversing React Native Applications
Estimated difficulty: 💜💜🤍🤍🤍 This post is going to walk you through how to reverse engineer an Android application that is built using React Native. It is more common to see applications being built using this mobile framework, as it supports the development of an app in both Android and iOS Continue Reading
XXE Injection: To Entity and Beyond!
Estimated difficulty: 💜💜💜💜🤍 Welcome back readers! After a few months hiatus, the Queens are back in action and ready to blog to our heart’s content! This month’s blog we will be delving into the art of XXE injection, what it is, a few ways to exploit it, and the mitigation Continue Reading
Shh! Weaknesses In Remote Management Protocols
Estimated difficulty: 💜🤍🤍🤍🤍 Recently I was studying for CRT. To help myself and others revise, I thought I would make this blog post on management protocols and some of their common weaknesses and vulnerabilities. This is a high-level overview of some of these protocols and how to exploit them. We Continue Reading
Smashing Stacks and All the Hax
Estimated difficulty: 💜💜💜💜🤍 Hulk, smash? Stacks, that is! Welcome to another strictly hax-themed blog, and something a little out of my comfort zone I must say – so if there are any constructive criticisms or feedback… Please let me know! This month we are covering the basics of stack smashing Continue Reading
Understanding Unix File Permissions
Estimated difficulty: 💚🤍🤍 If you are a newbie in security and want to start learning about Unix, then this is a great post for you. This will be a quick fire post on file permissions. What do they mean and some of the vulnerabilities you might spot out in the Continue Reading
Zoning Out: An Introduction to DNS Zone Transfers
Estimated difficulty: 💜💜🤍🤍🤍 DNS (Domain Name System) zone transfers are used to help replicate databases across different domain servers, allowing administrators to modify or edit records easily by implementing the changes on one server and copying the changes to the others. Zone transfers are completed using the AXFR protocol, and Continue Reading
Deauth Yourself: How to Build a Deauthenticator
Estimated difficulty: 💜🤍🤍🤍 🤍 Welcome to the wonderful world of hardware. This blog post is a walkthrough of how to build a deauthenticator; a pocket-sized tool that you can create to kick a device off of a network (especially good to know for April fools, or if you just want Continue Reading
Light ’em Up: An Introduction to LiDAR
Estimated difficulty: 💜💜🤍🤍🤍 It’s been a while since I’ve written about zoom hax, if you’re new to Security Queens – you can find my last blog post on hacking cars via. the Control Area Network (CAN) here. Instead of focusing on physical CAN bus hacking, this blog post will do Continue Reading