yechiel.xyzProxy Like a Pro: interesting method of proxying non proxy-aware Android AppsIn this blog post, we'll explore several methods to enable proxying for Android apps that do not natively support proxies. We'll cover regular methods like Wi-Fi settings, ADB commands, and Frida scripts, and then delve into more advanced techniques ...Jan 20, 2025·3 min read
yechiel.xyzProxying the Proxy - Python scripting in Burp-Suite (sort-of)By Yechiel Worenklein and David Tawil, penetration testers at Cybersafe The journey begins when we were tasked with testing and an API used for finical transactions, and received A Postman collection from the client for that matter. We quickly realiz...Jan 20, 2025·4 min read
yechiel.xyzVulnerability in VTech VCS754a Business Phones Exposes SIP CredentialsAffected module: VCS754a | Business Phone CVE: CVE-2023-25437 VTech's VCS754a business phones have been found to have a vulnerability that exposes the credentials for the SIP system, allowing anyone with access to the web portal to reveal the passwor...Apr 27, 2023·1 min read
