Posts
SySS Tech Blog
Cancel

Bluetooth Relaying Attacks

Bluetooth has become one of the most widely used technologies for modern connectivity, powering everything from audio devices to industrial sensors and automotive systems. However, this widespread ...

TURN! - What could possibly go wrong?

In this blog post, we describe common pitfalls and attack vectors in TURN services. For practical testing and exploitation, we also introduce a new easy-to-use open-source tool called TURNado. Int...

Intercepting WCF Traffic with wcfproxy

Windows Communication Foundation (WCF) is still a commonly used .NET framework for client-server communication. Specifically, when Net.TCP is used for transport, the binary encoding of messages mak...

Scanscope: Visualizing Port Scan Results Using Machine Learning Methods

Port scan results of large networks are usually only machine-readable. Nmap, arguably one of the most widely used port scanners, may offer a textual output that is human-readable for a handful of h...

Hacking a Keyboard for Fun and Profit - Can It Run Doom?

The Asus ROG Azoth is a high-end gaming keyboard built to be a bit smarter than normal keyboards. Solid tactile switches, fully customizable RGB lighting, and a crisp built-in OLED display put it a...

Why Regular Employees Should Not Boot Their Computers From External Media

In this blog article, we want to explain why regular employees should not be able to boot their work computers from external media, even if their devices are encrypted.

MeshHacks: Exploiting Linksys Intelligent Mesh from the Internet

In this blog post, we describe multiple vulnerabilities we found in Linksys Wi-Fi routers, especially exploiting the “Intelligent Mesh™” functionality, which can be used to wirelessly link routers ...

AzurEnum - Update

Back in 2024, we published AzurEnum (SySS Tech Blog; SySS on GitHub) to help organizations and pentesters alike to identify misconfigurations within their EntraID environment. Since then, further c...

OAuth 2.0 Browser Swapping Attacks

OAuth 2.0 is the predominant authorization standard on the modern web. OpenID Connect (OIDC), a widespread extension of OAuth 2.0, is used for most single sign-on (SSO) systems today. Unfortunately...

Foxconn FCC Unlock

Many newer Dell notebooks are equipped with DW5932e WWAN modules for mobile connectivity. These modules are manufactured by Foxconn and contain a Snapdragon X62 5G modem. Unfortunately, at the time...