Pentest Research

Pentest Research Projects

We invest significant time into cybersecurity research projects, honing and developing skills which allow our consultants to deliver the best possible results.

Take a look at our latest research projects below.

iOS Mobile Application Security | Pentest Limited

iOS Mobile Application Security – What Does Your Attack Surface Look Like?

Android Security Exposure | Pentest Limited

Android Mobile Application Security – Understanding Your Exposure

Pentest - Research - RPC

Researching Remote Procedure Call (RPC) vulnerabilities

Android Root Detection Bypass using Frida (Part 3 – OWASP Uncrackable 3) | Pentest Limited

Android Root Detection Bypass using Frida (Part 3 – OWASP Uncrackable 3)

Android Root Detection Bypass using Frida (Part 2 - RootBeer Sample | Pentest Limited

Android Root Detection Bypass using Frida (Part 2 – RootBeer Sample)

Android Root Detection Bypass using Frida (Part 1 – OWASP Uncrackable 1) | Pentest Limited

Android Root Detection Bypass using Frida (Part 1 – OWASP Uncrackable 1)

Reflected XSS Vulnerability – SoPlanning | Pentest Limited

Reflected XSS Vulnerability – SoPlanning

XSS to Account Takeover – SoPlanning | Pentest Limited

XSS to Account Takeover – SoPlanning Software

Time-based Blind SQL Injection – SoPlanning | Pentest Limited

Time-based Blind SQL Injection – SoPlanning

Boolean-based Blind SQL Injection - SoPlanning | Pentest Limited

Boolean-based Blind SQL Injection – SoPlanning

Leveraging XSS to get RCE in Textpattern 4.8.7 | Pentest Limited

Leveraging XSS to get RCE in Textpattern 4.8.7

Multiple Vulnerabilities in OpenCMS 11.0.2 | Pentest Limited

Multiple Vulnerabilities in OpenCMS 11.0.2

Exploiting OpenCMS 11.0.2 using ClickJacking | Pentest Limited

Exploiting OpenCMS 11.0.2 using ClickJacking

Leveraging XSS to get RCE in OpenCMS 11.0.2 | Pentest Limited

Leveraging XSS to get RCE in OpenCMS 11.0.2

Authentication Bypass - Fedena School Management Software (CVE-2021-27980) | Pentest Limited

Authentication Bypass – Fedena School Management Software (CVE-2021-27980)

Multiple Vulnerabilities in Fedena 2.3 School Management | Pentest Limited

Multiple Vulnerabilities in Fedena 2.3 School Management Software

The (Remote) Road to Pwn2Own Tokyo 2020 | Pentest Limited

The (Remote) Road to Pwn2Own Tokyo 2020

Drupal 8 Remote Code Execution by estimating installation time of site (CVE-2020-13664) | Pentest Limited

Drupal 8 Remote Code Execution by estimating installation time of site (CVE-2020-13664)

A subtle stored-XSS in WordPress core (CVE-2020-4046) | Pentest Limited

A subtle stored-XSS in WordPress core (CVE-2020-4046)

I Like to Watch - Hack-A-Sat CTF Solution | Pentest Limited

I Like to Watch – Hack-A-Sat CTF Challenge Solution

RCE in WordPress Elementor Plugin (CVE-2020-7055) | Pentest Limited

RCE in WordPress Elementor Plugin (CVE-2020-7055)

Cross-Site Scripting (XSS) in GistPress WordPress Plugin (CVE-2020-8498) | Pentest Limited

Cross-Site Scripting (XSS) in GistPress WordPress Plugin (CVE-2020-8498)

Latest insights from Pentest

JSON Web Tokens – Algorithm Confusion Attack - Pentest Insight

JSON Web Tokens – Algorithm Confusion Attack

Understanding SSRF Threats - Pentest Insight

Trust in Applications is a Luxury – Understanding SSRF Threats

DNSSEC - Pentest Insight

DNSSEC: the quickest win in Cyber Security?

/contact Us

/connect

/services

/about

/links

Pentest Limited is registered in England and Wales with company number 11925182

Registered address: 22 Great James Street, London, WC1N 3ES

VAT registration No: 331802826

© 2019 - Present. Pentest Limited. All rights reserved.