SANS Penetration Testing: Category - Cryptography

TLS/SSL Failures and Some Thoughts on Cert Pinning (Part 1)

By Chris Crowley It's going to happen sooner or later...sooner probably. You're going to be asked about your company's mobile app or a mobile app your company wants to install across all mobile devices. They'll put the request in the "yet another duty as assigned" (YADAA) category/bucket. You look at the network traffic; it's using … Continue reading TLS/SSL Failures and Some Thoughts on Cert Pinning (Part 1)


Winner and Official Answer to Easter Challenge

[Hello, Challenge fans! Last Friday, we posted a nifty holiday-themed crypto & stego challenge by Chris Andre Dale. We offer a special thanks to Chris for creating the challenge and for letting us host it. A whole bunch of people managed to work their way through the challenge and solve it. But, there were two … Continue reading Winner and Official Answer to Easter Challenge


Easter Challenge - The Mystery of the Missing Easter Bunny

By Chris Andre Dale The Easter Bunny has been kidnapped, and YOU have to save him! Quickly collect yourself and help save him. Put on your detective hat and start investigating the clues provided. We managed to intercept a message from the kidnappers. Unfortunately it seems to be scrambled in some way. We also managed … Continue reading Easter Challenge - The Mystery of the Missing Easter Bunny


A Most Enigmatic Adventure

Care for a little adventure story? How about one that is rooted in the history of cryptography, involves an elaborate hack that saved millions of lives, and features a bizarre twist with brain juice at the end? We have just the tale for you, and it's all a true story. Back in August 2012, Josh … Continue reading A Most Enigmatic Adventure