Eddie Zhang - Research Blog | Project Black

Eddie Zhang

Cloudflare Tunnel & Ngrok Alternative: Entra Application Proxy Guide

Cloudflare Tunnel & Ngrok Alternative: Entra Application Proxy Guide

It's 10pm, you're about to fall asleep, you get a notification on Twitter that informs you of a new CVSS 10 vulnerability that affects your company's PaloFortiJuniIvanti VPN appliance. Maybe it's time to look closer at some ZTNA solutions...

Is Assessing Your SaaS Providers Worth It? Uncovering an OS Command Injection in a Popular SaaS Platform

Is Assessing Your SaaS Providers Worth It? Uncovering an OS Command Injection in a Popular SaaS Platform

During a routine penetration test last year, we uncovered an OS command injection vulnerability on the login page of a SaaS platform widely used in the Australian education sector. This discovery prompts the question posed in our blog title.

How to Become a Penetration Tester

How to Become a Penetration Tester

After our recent hiring drive, we got a lot of questions from people wanting to know how they can improve their chances of breaking into cyber as a penetration tester. To help out, we've put together this blog post to explain what we're looking for in our candidates.

Whitelisting an IP Address for Penetration Testing in Cloudflare

Whitelisting an IP Address for Penetration Testing in Cloudflare

Getting ready to run a web application penetration test? Don't forget to whitelist your tester's IP address in your WAF. It might seem counterintuitive, but it helps make sure your consultant's time is used efficiently, giving you the best results.

SSH Without Port Forwarding

SSH Without Port Forwarding

Exposed ports can attract unwanted scans, and incorrect router setups risk your network's security. If you want to SSH to your server without exposing any ports here's an alternative that uses Cloudflare Tunnel.

Black Hat SEO - Fair Game or Foul Play?

Black Hat SEO - Fair Game or Foul Play?

In the cybersecurity industry, there's a constant stream of conversation about ethics. So, imagine my surprise when I discovered that certain Australian cyber consultancies seem to be involved in Black Hat SEO tactics, breaching Google's webmaster guidelines.

Automated Graylog Open Setup using Puppet

Automated Graylog Open Setup using Puppet

The term SIEM often conjures images of complex configurations and $100k bills leading to inaction. It doesn't have to be that way. In cybersecurity (and often in life), starting somewhere and taking even a small step in the right direction is preferable to standing still.

Password Strength Checkers - Mostly Useless...

Password Strength Checkers - Mostly Useless...

Think your password is strong? Ever trusted a password strength tool online (or maybe you don't trust anything)? You might be surprised to see how far off the mark some of the most popular password strength tools are.

A Watchguard Vulnerability That's a "Feature"- GuardLapse

Advisory Featured

A Watchguard Vulnerability That's a "Feature"- GuardLapse

Picture this: a feature from a security appliance that willingly dispatches its password hashes to any device on the network. That is precisely what WatchGuard's SSO does under certain circumstances. Does a bad feature warrant filing a CVE? I'm not sure.

Why You Need a Vulnerability Disclosure Program (VDP)

Why You Need a Vulnerability Disclosure Program (VDP)

You're out for a stroll and spot a house with its front door wide open. Out of concern, you try to inform the owner about the door. Unexpectedly, the owner snaps back, insisting the door is shut. This is a story about the worst vulnerability disclosure process I've ever experienced.

Announcing Partnerships with Graylog and Tenable

Announcing Partnerships with Graylog and Tenable

I'm thrilled to share that in our continued efforts to enhance our services, we are entering into strategic partnerships with Graylog, a leader in log management and security information solutions, and Tenable, renowned for their advanced vulnerability management.

Disclosing a Tic Tac Bow Vulnerability to Project 99

Disclosing a Tic Tac Bow Vulnerability to Project 99

eSports were included this year for the Olympics, which got me thinking: can you hack your way into the Olympics? This blog shares a short story of discovering and disclosing a vulnerability to Tic Tac Bow developer, Project 99.

Announcing Partnerships with KnowBe4 and Sophos

Announcing Partnerships with KnowBe4 and Sophos

In a move to broaden our capabilities, I'm excited to announce today strategic partnerships with KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, and Sophos, a global leader in next-generation cyber security.

Unveiling a Task Scam Empire

Unveiling a Task Scam Empire

A month ago, I signed up for a scam. Little did I know, this rabbit hole would ultimately lead to uncovering a large scale operation, a report filed with the ACSC and a subsequent an investigation by the NSW police.