About Kubertu
Kubertu Labs is created for all cyber security engineers having a flat place where people can learn and share their solid knowledge regarding security , hacking. Having many valuable reports, research papers, top #10 team at Capture the Coin CTF (Defcon 2019) and other interesting activities, products made by those…
More
Security Papers
Thinking about Requests
The reason I want to wrap up this topic is just to keep all of my logics and comprehension of request in pen testing, hacking. Why it’s important? Rather than…
Read More
Android App – Local Attack
If you have read the "Thinking about request" article. This would be much more relevant. Previously, I had made a video about gaming attack to get to the top 1st…
Read More
Capture The Coin Write-up
Result My team: Kubertu stayed at top #6 My personal work stayed at top #10 Read more: https://enderspub.e-cyber.ee/capture-the-coin-writeup
Read More
CVE-2019-11384
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11384 Author: Ender Phan Description: The Zalora application 6.15.1 for Android stores confidential information insecurely on the system (i.e. plain text), which allows a non-root user to find out the…
Read More
CVE-2019-11383
Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11383 Author: Ender Phan Description: An issue was discovered in the Medha WiFi FTP Server application 1.8.3 for Android. An attacker can read the username/password of a valid user…
Read More
Crypto Wallet Local Storage Attack
PDF: https://www.exploit-db.com/docs/46466 Background During our mobile security pen testing, we have found a very interesting attack scenario in (Android application). The attack can lead the user to unknown changes contents…
Read MoreOur Team
Ender Loc Phan
SECURITY AUDITOR
Kutas Kurval
SECURITY RESEARCHER
Tien Nguyen
SECURITY OPS
Viet Nguyen
SECURITY DEVOPS
×
![]()