Fluid Attacks logo
Contact Us
Young hacker smiling
Zero false positives

Expert intelligence + effective automation

Contact logo Contact Us
GET A DEMO
Man sitting facing laptop. Photo by Clint Patterson on Unsplash: https://unsplash.com/photos/dYEuFB8KQJk

How to pass the OSCP

The meaning of Try Harder

My background before taking the exam was two years of work at Fluid Attacks as a penetration tester, this means that I already had the know-how of a penetration test and how to build a technical...



Broken blue ceramic plate on Unsplash: https://unsplash.com/photos/WdJkXFQ4VHY

Debug like a Boss

Should CEOs discuss software defects?

You wake up, and probably check your smartphone immediately. Chances are you already have smart devices at home; like light bulbs, you turn on and off from the same smartphone. You often check...



Mobile showing statistics. Photo by Austin Distel on Unsplash: https://unsplash.com/photos/EMPZ7yRZoGw

Battle Tendency

Most relevant IT investments in 2019

In our last article, we talked about cybersecurity risks that may be present in the most popular IT technology currently in use. Although we mentioned some of these in the second part of our...



Turned on Android smartphone. Photo by Pathum Danthanarayana on Unsplash: https://unsplash.com/photos/t8TOMKe6xZU

Intercepting Android

Intercept applications in newer Android phones

Android is an operating system based on the Linux kernel and used by mobile devices such as smartphones and tablets. Due to its popularity, it is the major target for hackers. One of their common...



Photo by camilo jimenez on Unsplash: https://unsplash.com/photos/vGu08RYjO-s

Triage for Hackers

Prioritize code auditing via ML

Based upon our last experiment, in this article, I will provide a global vision of how our ML for vulnerability discovery approach should work. First, what problem would this solve? I am repeating...



Multicolored hallway. Photo by Efe Kurnaz on Unsplash: https://unsplash.com/photos/RnCPiXixooY

Do we need a Purple Team?

Understanding Purple Teams

A good way to think of Purple Teams is that they are a mixture of Red or sword, and Blue or shield teams in pentesting processes. They are professional hackers that simulate attacks and protect an...



Photo by Rishi Deep on Unsplash: https://unsplash.com/photos/WiCvC9u7OpE

Vulnerability classifiers

A pipeline to classify vulnerable code

After our first encounter with the Python machine learning ecosystem, we are ready for a first attempt at creating a vulnerability classifier from samples of labeled code. Our objective is to...



Screen showing performance stats. Photo by Stephen Dawson on Unsplash: https://unsplash.com/photos/qwtCeJ5cLYs

Security in trends

Cybersecurity risks in technology trends

In today’s world technology evolves rapidly. New tools, approaches, and trends seem to come out on almost a daily basis. It’s our duty to keep pace with these changes, adapt to new technologies...



Data and regression line, crop.

Digression to Regression

Simple linear regression in scikit

After our risk quantification series, it should come as no surprise that we like numbers and measuring. However, when confronted with the question, "Why do you need to translate code into...



Photo by NESA by Makers on Unsplash

Sastisfying App Security

An introduction to SAST

SAST is a type of white box test in which a set of technologies is used to analyze the source code, byte code or the application binaries in order to reveal known security vulnerabilities that can...



Data Has A Better Idea. Photo by Stefan Steinbauer on Unsplash: https://unsplash.com/photos/1K6IQsQbizI

Vulnerabilities in Deep Learning

Deep Learning for vulnerability disclosure

Currently, data scientists have begun using AI (Artificial Intelligence) algorithms to solve problems from the data perspective. Data scientists have been working on problems related to areas like...



Foosball red vs blue. Photo by Stefan Steinbauer on Unsplash: https://unsplash.com/photos/va-B5dBbpr4

Red Team exercise

What is a Red Team exercise?

Red Team refers to a team of professional hackers that attempts to access a system through simulating a cyberattack. During a Red Team exercise each team member plays a specific role while the...




Service status - Terms of Use