Blog

Congratulations to the OKIOK team who won top honors at the NSEC 2014, the most prestigious and largest on site « Capture The Flag” competition in North America. The team came in first place with [...]

We recently did a phishing campaign for a large client. One major difference between phishing and regular penetration testing is that instead of testing IT equipment, software and/or [...]

Another round of the Hacking for Beer contest. This time, the plan was to send an email that will trigger an authentication request back to my machine and have my machine forward connections to [...]

This is the sixth and final part of the story of the smart card track at NSEC 2013. You can see the first five parts: part 1, part 2, part 3, part 4 and part 5. At the end of part 5, I had all [...]

This is the fifth part of the story of the smart card track at NSEC 2013. You can see the first four parts: part 1, part 2, part 3 and part 4. I had made good progress and I only needed one more [...]

This is the fourth part of the story of the smart card track at NSEC 2013. You can see the first three parts: part 1, part 2 and part 3. Now, I had 3 of the 5 unknown components required to [...]

After having to pay rounds because of the Rubber Ducky attack, I wanted a revenge ! Daniel participated in the hardening of our email server and apparently he put extra effort to prevent SMTP [...]

The Penetration Testing team at OKIOK developed a habit of trying to hack each other’s computer. It all started as a joke when an intern forgot to lock his Windows session before going to the [...]

This is the third part of the story of the smart card track at NSEC 2013. You can see the first two parts: part 1 and part 2. Now, I had found two flags and the next one was the Old encryption [...]

All pen testers use the Burp suite at some point, but few really exploit it to its full potential. One of the most extraordinary features of Burp is the ability to write your own custom handler. [...]