Blog

Blog

32C3: Gated Communities – report from hacker conference

blog | | Citadelo
The thirty-second annual Chaos Communication Congress carried the tagline “Gated Communities”. CCC is probably the oldest hacker conference and “Gated communities” worked very well as a theme for this year.
Show

We found vulnerability of CMS Made Simple

blog | | Citadelo
CMS Made Simple is a free, open source CMS to provide developers, programmers and site owners a web-based development and administration area. In 2010 it won the Packt Publishing annual award for open source content management.
Show

MODX Revolution CMS 2.5.6

blog | | Citadelo
Modx Revolution is great CMS, that is Open Source, UX friendly and easy to use. However, in a version 2.5.6 and lower we have identified multiple vulnerabilities.
Show

ExtendedMacro – BurpSuite plugin

blog | | Citadelo
BurpSuite Proxy is one of the most used HTTP proxy application for web penetration testers. This tool is one of the best in its category, but sometimes we encounter a situation requiring additional functionality which is not provided by Burp itself.
Show

The Critical State of Industrial Control Systems Security

blog | | Citadelo
\"Finally we are beginning to address the problem that we have already had in years.” This laconic sentence can sum up the conclusions of the first conference focused on security of industrial control systems (ICS).
Show

How an attacker could hack your website using Cross Site Scripting Vulnerability (XSS)

blog | | Citadelo
Our customers and friends often ask us how a real hacker attack looks like. We want to show this on a very simple, but very common vulnerability called Cross Site Scripting or XSS.
Show