Eric Kuehn

Computers are People Too

There are those rare times during pen tests, when you are on a client’s network and you don’t have any valid domain credentials but you do have local admin on a windows device joined to the client’s domain.  Perhaps you’ve exploited a vulnerability on a system that grants you local admin rights. Or maybe you’re …

Computers are People Too Read More »

Android App Testing on Chromebooks

Part of testing Android mobile applications is proxying traffic, just like other web applications.  However, since Android Nougat (back in 2016), user or admin-added CAs are no longer trusted for secure connections.  Unless the application was written to trust these CAs, we have no way of viewing the https traffic being passed between the client …

Android App Testing on Chromebooks Read More »

Scroll to Top