From Previewing Files to Cracking Hashes
In August 2022, we completed a web application penetration test for a relatively new client. The scope was a pre-existing web application that allowed users to manage their calendars, plan events, upload documents and manage their accounts.
The application had been tested by a previous penetration testing supplier and received a clean bill of health, but that all changed once we had our hands on it…