https://www.leviathansecurity.com/blog daily 0.75 2025-11-03 https://www.leviathansecurity.com/blog/xyqp7hr5bf5ynzwr91z5vtzctckaip monthly 0.5 2025-11-03 https://www.leviathansecurity.com/blog/october-2025-mobile-platform-security-amp-fraud-prevention-assessment monthly 0.5 2025-10-28 https://www.leviathansecurity.com/blog/overcoming-insularity-a-critique-of-the-try-harder-mentality monthly 0.5 2025-10-27 https://www.leviathansecurity.com/blog/integrating-security-metrics-into-quality-models-a-dora-aligned-strategy monthly 0.5 2025-07-01 https://www.leviathansecurity.com/blog/aws-cognito-security-cognito-user-pool-introduction-and-user-attributes monthly 0.5 2025-06-17 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1c4a8305-a690-44b5-a6e0-07a1cfde787d/AWS_Cognito_User_Pool.png Blog - AWS Cognito Security — Cognito User Pool Introduction and User Attributes - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a128eed7-7faa-4018-a892-a174e87ab4b5/AWS_Cognito_User_Users_and_Attributes.png Blog - AWS Cognito Security — Cognito User Pool Introduction and User Attributes - Users and Attributes A user object in the directory is represented by a set of attributes. Although Cognito provides developers with standard attributes for almost any use case (e.g., address, mobile phone, email), it also allows creation of custom attributes. Such attributes have a custom: prefix, as shown in the configuration dashboard: https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1f13f5ec-e135-477f-8620-4f7a6e68d71b/AWS_Cognito_User_Pools_Groups.png Blog - AWS Cognito Security — Cognito User Pool Introduction and User Attributes - User pool groups Developers can also define User Pool groups to use in application-level access control mechanisms. The permissions of an individual user in User Pool are identified by the groups the user is in because groups can be mapped to IAM roles. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6ecb2296-db66-4960-97bc-342a9cd6a5d1/AWS_Cognito_User_Pools_Read_Write_Permissions.png Blog - AWS Cognito Security — Cognito User Pool Introduction and User Attributes - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/ad04dc65-2cfd-4be0-b307-6c6fdf6193c3/AWS_Cognito_Fails_To_Sanitize_Input.png Blog - AWS Cognito Security — Cognito User Pool Introduction and User Attributes - User data is not sanitized by Amazon Cognito Despite a common misconception that data from cloud services is validated enough to be considered trusted, we found that Cognito implements only very basic constraints on user input. Thus, User Pool attributes can effectively be used as sources for second-order injection attacks on the developer software that processes the Cognito data. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1f06cbf4-f697-45c3-8e4a-583c03a73de9/AWS_Cognito_User_Pools_User_Login_Octopus_Storage.png Blog - AWS Cognito Security — Cognito User Pool Introduction and User Attributes - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/f6b27d56-5b2b-4c7d-8601-f58ee476d77c/AWS_Cognito_User_Pools_SSTI_Vulnerability_Octopus_Storage.png Blog - AWS Cognito Security — Cognito User Pool Introduction and User Attributes - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6516a2cb-40f0-4d06-8a14-ef9e8b88449b/AWS_Cognito_User_Pools_Environment_Session_Variables_Terminal.png Blog - AWS Cognito Security — Cognito User Pool Introduction and User Attributes - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/b095be07-ed09-4093-8ed3-6a71dc60bc5d/AWS_Cognito_User_Pools_Properly_Preventing_Injections.png Blog - AWS Cognito Security — Cognito User Pool Introduction and User Attributes - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/aws-cognito-security-overview monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/55886227-5b8e-4099-88fd-2218c4e81229/AWS_Cognito_Security_Overview.png Blog - AWS Cognito Security — Overview - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/77a002ca-d985-4204-a222-3ec78026413c/AWS_Cognito_User_Pools_Identity_Pools.png Blog - AWS Cognito Security — Overview - Amazon Cognito Components We can highlight two main components in Cognito: User Pools and Identity Pools. User Pools provide managed authentication services, while Identity Pools handle authorization to cloud resources via temporary AWS credentials. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/5ad61cb0-7558-43f3-a071-60846c49c539/AWS_Cognito_Overview_User_Pool_Tokens.png Blog - AWS Cognito Security — Overview - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/f77d4262-b70b-482e-ae3d-8b43f9f1dfbc/AWS_Cognito_Overview_API_Gateway_Access_Control.png Blog - AWS Cognito Security — Overview - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/dcd96222-4bc6-43a8-9121-110202258e4d/AWS_Cognito_Overview_API_Gateway_Access_Control_SAML_OIDC_SSO.png Blog - AWS Cognito Security — Overview - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/14e118b7-4134-42fd-9f1a-2d22a0b3271b/AWS_Cognito_Overview_API_Gateway_Access_Control_To_Third_Party.png Blog - AWS Cognito Security — Overview - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/c640e8b7-7c80-4d3e-a167-03fe1ce2b1a2/AWS_Cognito_Octopus_Storage.png Blog - AWS Cognito Security — Overview - Octopus Storage We have developed a playground for vulnerabilities mentioned in this series called Octopus Storage. It is a cloud file hosting service built as a server-less web application using AWS Cognito for authentication. The application can be deployed in an AWS account using Terraform. Try to find vulnerabilities on your own, and check yourself when we release the rest of the articles! https://www.leviathansecurity.com/blog/aws-cognito-user-pool-shared-user-pools monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/5ac08168-afa3-45d8-a8e2-596e028e7399/AWS_Cognito_Shared_User_Pools.png Blog - AWS Cognito User Pool — Shared User Pools - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/5097c6d1-d4a5-4820-9132-22750d9cb80e/AWS_Cognito_Shared_User_Pools_Octopus_Storage_Admin_Login.png Blog - AWS Cognito User Pool — Shared User Pools So, what will happen if we try to log into the admin panel with test_user credentials? https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/3a5e2acc-6e73-4e3d-975a-331acb6d46ae/AWS_Cognito_Shared_User_Pools_Octopus_Storage_Unauthorized_Access.png Blog - AWS Cognito User Pool — Shared User Pools Since test_user and octopus_admin are in the same User Pool, we gain unauthorized access to the page and can now manage the other application users. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/dd5dd005-36ea-4532-8111-42abc3443e42/Leviathan_Security_Group_Stewardship_and_Protection.jpg Blog - AWS Cognito User Pool — Shared User Pools - Security Services Looking for someone to validate your AWS Cognito configuration? Contact us now so that we may assist you and your team in reviewing your existing infrastructure, as well as working closely with your developers to create a secure SDLC for your products. https://www.leviathansecurity.com/blog/2025-mobile-platform-fraud-prevention-assessment monthly 0.5 2025-03-04 https://www.leviathansecurity.com/blog/3-pillars-of-security-at-day-1-start-ups-risk monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/eb2b7f35-799d-4c4f-8832-ff74ec943aaf/3_Pillars_of_Security_for_Startups.png Blog - 3 Pillars of Security at Day 1 Start Ups - Risk Build it, sell it, then secure it. That unspoken mantra echoes down the halls of software start-ups around the world going back to ages past and resonating into the distant future. Likewise, you have security purists in every feed on every social media platform preaching the good word of building securely from the ground up. These two viewpoints are often positioned directly opposite each other. Engineering leaders warily push back against anything that would take away product development hours and security consultants wag their fingers while pointing to various standards in hopes of swaying their opponents. https://www.leviathansecurity.com/blog/uefi-is-the-new-bios monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/0acf33cc-8def-4d0f-8c0f-09f296f8a2f2/UEFI_Reverse_Engineering_Vulnerability_Discovery.png Blog - UEFI is the new BIOS - Make it stand out UEFI Reverse Engineering, Vulnerability Discovery, and Exploit Development: Part 0 By Nika Wakulich https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/82ac2feb-6619-4b58-907b-d9302725ab5f/UEFI_Boot_Process_Phase_Diagram.png Blog - UEFI is the new BIOS - Figure 1a. UEFI/PI Boot Process phases (Image source: (https://uefi.org/specs/PI/1.8/V2_Overview.html) https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1149d3ba-87a6-4f98-a97c-884a8eeac659/UEFI_Boot_Process_Phases_and_Environment_Diagram.png Blog - UEFI is the new BIOS - Figure 1b. UEFI/PI Boot Process phases and environment (Image source: https://uefi.org/specs/PI/1.8/V2_Overview.html) Figure 1b. UEFI/PI Boot Process phases and environment (Image source: https://uefi.org/specs/PI/1.8/V2_Overview.html) https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/5ac95143-f8e6-4270-9623-d2a39c2cd2bd/UEFITool_Board_X58ICH10_UEFI_BIOS.jpg Blog - UEFI is the new BIOS - Figure 2. UEFITool view of Board X58ICH10 UEFI BIOS - SEC phase code https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/4d8be0a4-23f8-44c8-bc48-ea08f7d2d232/UEFITool_Board_BIOS_-_PEI_Phase_Code.jpg Blog - UEFI is the new BIOS - Figure 3. UEFITool view of Board X58ICH10 UEFI BIOS - PEI phase code https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/dd2c7a1d-8d3f-4ff7-9a35-3c4c4f8b56ea/UEFI_Data_Structures_Initialized_During_DXE_Phase.png Blog - UEFI is the new BIOS - Figure 4. UEFI Data Structures initialized during DXE Phase Image Source: UEFI PI Spec, Volume 2: DXE Foundation (9.3. DXE Foundation Data Structures, Fig. 9.2 UEFI System Table and Related Components https://uefi.org/specs/PI/1.8/V2_DXE_Foundation.html#uefi-system-table-and-related-components) https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/e43cd297-17b6-4870-8dc9-2ab637e867bb/DXE_Foundation_Components.png Blog - UEFI is the new BIOS - Figure 5. DXE Foundation Components Image Source: UEFI PI Spec, Volume 2: DXE Foundation (9.4. Required DXE Foundation Components https://uefi.org/specs/PI/1.8/V2_DXE_Foundation.html#dxe-foundation-components) https://www.leviathansecurity.com/blog/the-unexpected-benefits-of-threat-modeling monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/c3118a85-37af-4a9d-9dd3-16ce0f4d0d51/a_person_meticulously_completing_a_threat_matrix.png Blog - The Unexpected Benefits of Threat Modeling - Make it stand out “He that breaks a thing to find out what it is has left the path of wisdom." - Gandalf the Gray https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/e1d37fbe-2a79-450b-a3a1-33260452fbb4/A+good+threat+model+provides+testers+with+an+easily+discernable+roadmap+for+their+evaluation.png Blog - The Unexpected Benefits of Threat Modeling - A good threat model provides testers with an easily discernable roadmap for their evaluation. https://www.leviathansecurity.com/blog/bypassing-ssrf-filters-using-r3dir monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/76c1d95b-a82d-4177-98fa-14788e1b23b9/Bypassing_SSRF_Filters_Using_r3dir_hero_image.png Blog - Bypassing SSRF Filters Using r3dir - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/9d81cef5-959c-4d2e-8a4a-c01106edd0c5/Bypassing_SSRF_Filters_Using_r3dir_Dataflow_Diagram.png Blog - Bypassing SSRF Filters Using r3dir - In an example above, a pentester controls only domain of the server-side request. However, r3dir lets the pentester bypass these limitations by encoding target URL in subdomains (details how it works are described on GitHub README pages). https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/54215c2d-0771-495d-82e4-1a22cf815155/Bypassing_SSRF_Filters_Using_r3dir_Burpsuite_Extension_Hackvertor.png Blog - Bypassing SSRF Filters Using r3dir https://www.leviathansecurity.com/blog/cve-2024-31735-libevent-library-memory-leak monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/55499644-f7c9-4f14-afad-6dd78d3ad780/LibEvent_-_Computer_Leaking_Liquid_Memory Blog - CVE-2024-31735: LibEvent Library Memory Leak - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/f6489802-b73e-456e-b09d-429e2ae3fd98/LibEvent_CVE_Vulnerable_Code.png Blog - CVE-2024-31735: LibEvent Library Memory Leak This oversight results in a memory leak because the memory allocated for the structure remains in use even though the function has exited with an error. https://www.leviathansecurity.com/blog/vulnerabilty-research-and-the-importance-of-supporting-young-talent monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/496a1db0-d3da-4fe5-b356-0eb45d618426/Logan_George_Juniper_Public_Disclosure.png Blog - Vulnerability Research and the Importance of Supporting Young Talent - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/dd715227-7ef8-41f2-8b45-422d9c27fe8b/Logan_George_Juniper_Swag Blog - Vulnerability Research and the Importance of Supporting Young Talent - Logan’s work was also reviewed and approved by the kind folks at Juniper Networks, who were gracious enough to send him some corporate goodies, and provided some supporting context: https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/c1dec6e0-e094-4e99-b841-5e9758b2e89c/Logan_George_Thank_You_Letter_From_Juniper Blog - Vulnerability Research and the Importance of Supporting Young Talent - “We at Juniper take our position as a telecommunications supplier very seriously and work hard to reduce and remove vulnerabilities in our products. Insights from independent researchers are a key tool to bring different perspectives to our efforts, and we value their input. When following responsible disclosure practices, the significance of their contribution is only amplified.“ - Drew Simonis, CISO Juniper Networks https://www.leviathansecurity.com/blog/tunnelvision monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1714397721412-K7KKE0AMAP8OI38VO0I3/TunnelVision_No_Light_At_The_End_of_The_Tunnel Blog - TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/d7ff8687-54ca-4190-890c-bbf2c1dd401c/TunnelVision_Digram_Virtual_Interface_Without_Physical_Interface Blog - TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak - Make it stand out Figure 1: A simplified example of a virtual interface that is not backed by a physical interface. Traffic between virtual machines never leaves the host. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/01b60033-065a-41fa-ad19-42b707510655/TunnelVision+-+Virtual+Interface+backed+by+physical+interface Blog - TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak - Make it stand out Figure 2: An example of a virtual interface that is backed by a physical interface. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/0e11e246-a493-4479-aac8-a43d94a41a33/TunnelVision_Diagram_Simple_VPN_Setup Blog - TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak - Make it stand out Figure 3: A simplified VPN setup where the VPN user is accessing a resource on a different network. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2d615918-a39e-44aa-b89e-556df9891348/TunnelVision_Dataflow_Diagram_VPN_Linux_Host Blog - TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak - Make it stand out Figure 4: A dataflow diagram of a VPN on a Linux host. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/f2d442fa-6653-41bc-a2a9-a4a226f57bde/TunnelVision_Network_Diagram_DHCP_Obtain_IP_Address Blog - TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak - Figure 5: How a DHCP client obtains an IP address and then maintains its lease. Figure 5: How a DHCP client obtains an IP address and then maintains its lease. Source: https://docs.oracle.com/cd/E23824_01/html/821-1453/dhcp-overview-3.html https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/4f6b9d89-1e68-4855-84f8-b5a235eae0fc/TunnelVision_DHCP_Offer_Packet_Wireshark Blog - TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak - Figure 6: A DHCPOFFER packet that includes an option 121 route. The network interface is not specified by design. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1ab12693-9306-443f-aab2-ce851f756d3e/TunnelVision_Diagram_DHCP_121_Reroute_Traffic Blog - TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak - Make it stand out Figure 7: A malicious DHCP option 121 route that causes traffic to never be encrypted by the VPN process. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/50ac715a-32dd-4cf7-b573-5b4ddcaf66c6/TunnelVision_Leviathan_Engineers_Contact_Us Blog - TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak - Let Us Know If you have questions or are interested in learning about how Leviathan Security Group can help you achieve your security goals, head over to our contact page and submit our short form. Our team will reach out to you to schedule a time to learn more about your initiatives and priorities. https://www.leviathansecurity.com/blog/encoding-bitwise-functions-as-polynomials monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/09a3f983-3960-4c2f-b665-ae6d946bbaad/Encoding_Bitwise_Functions_-_Conversion_of_Binary_to_Polynomials Blog - Encoding Bitwise Functions as Polynomials In this post, we will use polynomials to represent Boolean functions, see how they can be solved using generic math, analyze the properties of the representation, and use them to construct an arithmetic logic unit (ALU). Following these steps, we will create a symbolic solver using algebra. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/52e3285d-20d2-49e9-9f44-127034e874d6/Encoding_Bitwise_Functions_-_Symbolic_Compilation Blog - Encoding Bitwise Functions as Polynomials - Implementing the symbolic compiler Symbolic bits We now have enough background information to build the symbolic compiler ! First, we need to lay down some convention. Functions will take in symbits, which are just wrappers that translate bit operations into polynomial operations. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2c7f7ec1-6202-474b-bc24-59ce7ef0d243/Encoding_Bitwise_Functions_-_Timelessness Blog - Encoding Bitwise Functions as Polynomials - Timeless This representation also has no runtime. In fact, there is no time. Think of the compiled bit vector as every possible answer frozen the moment before observation. When we evaluate it, it instantaneously gives us an answer. The compilation process converts state changes over time into a singular, intertwined state. The compiled bit vector is a closed system, unable to receive additional input symbols. All state that is and will be is already encoded. That's the reason I did not attempt to make RAM. RAM is for temporary storage. That would only be needed if there were time, change, or other input. https://www.leviathansecurity.com/blog/when-you-have-no-bars monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/e59f1df6-9972-449e-90b6-96ae65416ac7/Business_Person_WIthout_Signal Blog - When You Have No Bars - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/15e5f06f-aa5c-462a-9459-117afbf6ada1/When_You_Have_No_Bars_Battle_Plans_For_Organizations.jpg Blog - When You Have No Bars - There are several strategies that businesses and other organizations can use to minimize disruption when the service bars drop or the dreaded “no service” notification appears. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/8c7ac32b-f9f6-4387-8840-38bb6a226071/When_You_Have_No_Bars_-_Security_Engineer_Testing_Hardware.png Blog - When You Have No Bars - At Leviathan Security Group, we have extensive experience testing baseband, experimental cellular infrastructure, and cellular devices. Want to talk more about your organization’s readiness when you have no bars? Contact us! https://www.leviathansecurity.com/blog/websockets-and-meteor-attacking-meteor-applications-with-eighthundredfeet monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/fbfc78ac-f5ea-463c-96ef-0b7774b10418/WebSockets_and_Meteor_Exploiting_Meteor_Applications.jpg Blog - WebSockets and Meteor: Attacking Meteor Applications with eighthundredfeet The final entry in this series on attacking WebSocket applications (if you missed the first and second you should go check them out and come back here after) introduces a tool called eighthundredfeet that provides a starting point for a comprehensive pen test on any application written using the Meteor framework. In addition to exploiting some of the framework’s inherent vulnerabilities, it contains a set of classes that can help script a variety of attacks. It also includes a feature that creates an HTTP-only interface to Meteor’s Distributed Data Protocol (DDP) so that HTTP-only security tools like BurpSuite’s Scanner and Intruder can be used against Meteor apps. eighthundredfeet’s code, which is written in JavaScript and run on NodeJS, should be simple enough to adapt to other WebSocket applications that do not use DDP. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/95c178d2-ac9c-4872-a967-eae81c921bb4/WebSockets_and_Meteor_Hexdump.png Blog - WebSockets and Meteor: Attacking Meteor Applications with eighthundredfeet - Make it stand out HxD hex editor screenshot of Burp project file showing record length field (000053), message length field (00004b) and WebSocket message body https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2c575abc-d9c1-4412-a56a-4313e1a0e229/WebSockets_and_Meteor_Network_Diagram.png Blog - WebSockets and Meteor: Attacking Meteor Applications with eighthundredfeet - Make it stand out Diagram illustrating HTTP communications between browser and harness server, and WebSocket communications between harness server and Meteor app. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/8b3222fc-68b9-417f-8aef-0dc513e4fb6f/WebSockets_and_Meteor_Reusing_Connections_and_Subscriptions.jpg Blog - WebSockets and Meteor: Attacking Meteor Applications with eighthundredfeet - Reusing connections and subscription state When scripting attacks that need to check what documents were returned from the server, bear in mind that the server keeps track of which documents have been sent to the client and stores that as part of a DDP connection’s state. https://www.leviathansecurity.com/blog/websockets-and-meteor-a-penetration-testers-guide-to-meteor monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/e7ba9036-98dd-4f51-b571-c96e495c96e9/WebSockets_and_Meteor_a_Penetration_Testers_Guide.jpg Blog - WebSockets and Meteor: A Penetration Tester’s Guide to Meteor The first installment in this series examined WebSockets from an attacker’s perspective and discussed why new tooling is required for pen testing WebSocket apps. This post introduces Meteor, a JavaScript framework that makes heavy use of WebSockets, and describes its attack surface and vulnerabilities. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2a4fed76-c4cf-462d-b657-127344142ac7/WebSockets_and_Meteor_Inherent_Weaknesses.jpg Blog - WebSockets and Meteor: A Penetration Tester’s Guide to Meteor - Meteor’s built-in weaknesses Fortunately for attackers, Meteor has multiple weaknesses under a default configuration. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/33247492-13b2-4b84-b688-1279c2701fa5/WebSockets_and_Meteor_Stale_Cursor_Authorization_Bypass.jpg Blog - WebSockets and Meteor: A Penetration Tester’s Guide to Meteor - Stale cursor vulnerabilities In addition to the weaknesses in Meteor’s core, it is easy to introduce a type of bug in publication code, which can lead to authorization bypass vulnerabilities. https://www.leviathansecurity.com/blog/websockets-and-meteor-introduction-to-websockets-for-penetration-testers monthly 0.5 2025-06-11 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/cefde1ec-9230-4339-84df-5ae1b2a31a6d/WebSockets_and_Meteor_for_Penetration_Testers.png Blog - WebSockets and Meteor: Introduction to WebSockets for Penetration Testers The WebSocket protocol is over a decade old, yet it still creates headaches for offensive security professionals. Most penetration testers know that common web security tools have limited support for WebSocket, but the differences between HTTP and WebSocket run much deeper than that. A successful penetration test on a WebSocket app requires a conceptual understanding of the protocol’s design. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/67ca39b6-c22f-42f0-81e9-e4dbdaeb2e91/WebSockets_and_Meteor_Lacking_Security.jpg Blog - WebSockets and Meteor: Introduction to WebSockets for Penetration Testers - The WebSocket security model, or lack thereof https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/32a8a7e0-1e7c-4792-bc2f-78886d3d836b/WebSockets_and_Meteor_Old_School_Tools.jpg Blog - WebSockets and Meteor: Introduction to WebSockets for Penetration Testers - Old-school security tools cannot handle WebSocket, and they never will https://www.leviathansecurity.com/blog/the-balancing-act-online-security-vs-privacy monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/ai-augments-hackers-but-wont-replace-them monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/2023-competitive-security-feature-review-mobile-platform-scam-and-phishing-prevention monthly 0.5 2024-02-21 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1614a48a-d938-4d4d-a105-af1eeefa6970/2023+Mobile+Security+Review+%282%29.jpg Blog - 2023 Competitive Security Feature Review: Mobile Platform Scam and Phishing Prevention - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/our-most-common-pen-test-finding-vulnerabilities-in-third-party-components monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/building-a-pwnagotchi-with-the-waveshare-213in-display-version-3 monthly 0.5 2024-03-08 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/8f182650-fd99-4ff8-8216-eb501f909984/Picture1.png Blog - Building a Pwnagotchi with the Waveshare 2.13in display version 3 - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/bd72b24c-f2a7-4d78-bab2-dc258d5c14ec/Picture2.png Blog - Building a Pwnagotchi with the Waveshare 2.13in display version 3 - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1edf1bd9-7c07-4eea-ae3b-7b28d51a417c/Picture3.png Blog - Building a Pwnagotchi with the Waveshare 2.13in display version 3 - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6f0a0b6e-b9df-4cdc-b5e8-fc003467c19a/Picture4.png Blog - Building a Pwnagotchi with the Waveshare 2.13in display version 3 - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/ec5c963c-5db3-4e3b-853f-34dbba100ce1/Picture5.jpg Blog - Building a Pwnagotchi with the Waveshare 2.13in display version 3 - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/e2ae4222-0532-48a7-9eed-db3ced8b6a9d/Picture6.png Blog - Building a Pwnagotchi with the Waveshare 2.13in display version 3 - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/12065965-4ed3-4335-83aa-3d7d28b6ecb0/Picture7.png Blog - Building a Pwnagotchi with the Waveshare 2.13in display version 3 - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/34e83892-e7c7-4046-9680-2259b4275cec/Picture8.png Blog - Building a Pwnagotchi with the Waveshare 2.13in display version 3 - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a3a6bb44-3ea7-448d-ad84-a8f8e656c61f/Picture9.jpg Blog - Building a Pwnagotchi with the Waveshare 2.13in display version 3 - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2dd6be33-709e-4d27-a2ae-cc6deb9a7e00/Picture10.png Blog - Building a Pwnagotchi with the Waveshare 2.13in display version 3 - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/attacking-gos-lagged-fibonacci-generator monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/masa-program-introduction monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/mobile-platform-scam-and-phishing-prevention monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/would-you-like-to-play-a-game-increasing-security-and-compliance-through-gamification monthly 0.5 2024-02-21 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636439414639-4KZXJCG57JEJDXC9YUGL/Tabletop+Exercise.png Blog - Would You Like To Play A Game? Increasing Security and Compliance Through Gamification of Tabletop Exercises - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/kubernetes-and-container-security-white-paper monthly 0.5 2024-02-21 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1632326130409-APXJNNWIVMR2DV30ELMD/Frame+5.png Blog - Kubernetes and Container Security - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/leviathan-security-group-offers-pre-draft-comments-on-nist-sp-800-66-implementing-the-hipaa-security-rule monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/common-security-certifications-and-audits-a-review-of-some-standard-security-certifications-for-saas-vendors monthly 0.5 2021-11-12 https://www.leviathansecurity.com/blog/initial-steps-towards-a-risk-management-plan-creating-a-basic-risk-register monthly 0.5 2024-03-03 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636442351975-ROCLMP63Y426X4QHFWSG/nist800_30_risk_table.png Blog - Initial Steps Towards A Risk Management Plan: Creating A Basic Risk Register - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/contingency-planning-and-business-continuity monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/cybersecurity-recommendations-in-a-rapidly-emerging-telework-environment monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/mining-technical-debt-for-fun-and-profit monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/initial-release-of-the-dod-cybersecurity-maturity-model-certification monthly 0.5 2024-02-21 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636007127650-5QUQPILYTR8IP7ZQQ4K6/CMMC_v1_Timeline.png Blog - Initial Release of the DOD Cybersecurity Maturity Model Certification - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/getting-started-with-the-upcoming-dod-cybersecurity-maturity-model-certification monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/client-side-authorization monthly 0.5 2024-10-25 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636447743369-SRZGJR0QBHH76Y56ZKFR/green%2Bscreen+Blog+Image.jpg Blog - Client-Side Authorization - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/dark-matter-and-measuring-security monthly 0.5 2024-10-25 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636448134763-QNPSD6080DW8ULFRR84S/asymtope.png Blog - Dark Matter and Measuring Security - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636448116518-HGA1SWHSK8CBJ26INV59/whack%2Ba%2Bmole.png Blog - Dark Matter and Measuring Security - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636448092138-Q7MJ13GMQ13F0GGLRXEM/faster%2Bthan.jpg Blog - Dark Matter and Measuring Security - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636448051197-7ST72P6YCX4B3ZCX9UPJ/who%2Bme.jpg Blog - Dark Matter and Measuring Security - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/aslr-protection-for-statically-linked-executables monthly 0.5 2025-05-30 https://www.leviathansecurity.com/blog/the-calculus-of-threat-modeling monthly 0.5 2024-10-25 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636449080679-D0VJ09QPGPJLCWHX8HP6/Spy+vs+Spy.png Blog - The Calculus of Threat Modeling - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636449162258-EKZOEONY4FVBJZB96XFO/severity+of+a+hack.png Blog - The Calculus of Threat Modeling - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636449243595-Y2SCT5359L343HQ0GV7Y/threat%2Bmodeling%2Bphoto.jpg Blog - The Calculus of Threat Modeling - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636449263615-RJRABAF54B2WCSXB2AOI/Blog+Server+design+3.png Blog - The Calculus of Threat Modeling - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636449292248-CL6RXH7ISBEJ594KPG10/Blog+Server+design+2.png Blog - The Calculus of Threat Modeling - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636448941375-EORIDW9J1IV383835IDA/Blog+Server+design.png Blog - The Calculus of Threat Modeling - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/a-minimum-viable-risk-management-program-rachael-lininger-1 monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/temporary-workarounds-shouldnt-last-longer-than-permanent-solutions monthly 0.5 2021-11-09 https://www.leviathansecurity.com/blog/wannacry-as-the-regulatory-brown-mm monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/roll-for-initiative monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/compliance-as-a-cost-of-customer-acquisition monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/on-changing-password-guidance-a-good-first-step-from-microsoft monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/us-regulatory-outlook-for-2017 monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/reverse-engineering-firefox-and-tor-targeted-payload monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/making-your-security-story-work-for-you-how-to-not-trigger-sales-objections monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/securing-systems-youre-planning-on-replacing monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/small-startups-pursuing-big-customers monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/iphone-spyware-trident-exploit-chain monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/lastpass-and-how-to-respond-to-zero-day-vulnerabilities monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/bulk-aslr-data-analysis monthly 0.5 2024-10-25 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637266016028-B9K3FZ7J5DLR5ZN71XPM/Bulk+ASLR+Data+5.png Blog - Bulk ASLR Data Analysis - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637265956254-LWMUQEE56MRS27TOAZKN/Bulk+ASLR+Data+4.png Blog - Bulk ASLR Data Analysis - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637265849776-SHCUSYJQ2OFEE9F8WXFU/Bulk+ASLR+Data+3.png Blog - Bulk ASLR Data Analysis - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637265581608-BJR4GB4M9AUN56SKKB3P/Bulk+ASLR+Data+2.png Blog - Bulk ASLR Data Analysis - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637265533359-XQ9BFIRO6R250ZC2NBE4/Bulk+ASLR+Data+Bottom.png Blog - Bulk ASLR Data Analysis - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/the-cobblers-children-and-source-code-integrity-or-why-your-source-code-repositories-need-better-shoes monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/guidance-openssl-vulnerability-cve-2015-1793 monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/guidance-flash-vulnerability-cve-2015-5119 monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/quantifying-the-cost-of-forced-localization monthly 0.5 2024-02-21 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637266641783-1VGDCEN9PZZX07BZHS05/Forced+Localization.png Blog - Quantifying the Cost of Forced Localization - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/strengthening-the-nations-defense monthly 0.5 2025-05-30 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637272566419-ONFP7WBBZV0XPYIKWZ69/Screenshot+of+CBS+Story.png Blog - Strengthening the Nation’s Defense https://www.leviathansecurity.com/blog/unpopular-opinion-csi-cyber-could-be-good-for-information-security monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/the-harms-of-forced-data-localization monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/scarcity-of-cybersecurity-expertise monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/the-next-level monthly 0.5 2024-02-21 https://www.leviathansecurity.com/blog/the-case-of-the-modified-binaries monthly 0.5 2024-02-21 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637282220643-DWWDRNS858HJWOPWQYZX/failedSigs.png Blog - The Case of The Modified Binaries - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637282247367-0A38QXPUUYAIUAACOVSD/Google_error_80200053-e1414104864149.png Blog - The Case of The Modified Binaries - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637282267297-0RZPJPP6B5QD9GMKZ98Z/question.png Blog - The Case of The Modified Binaries - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637282311756-8LUHM6429KDA8BUML8FK/answer.png Blog - The Case of The Modified Binaries - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637282690313-SAX87A7XHB59NOYU1GE6/NSIScheck.png Blog - The Case of The Modified Binaries - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637282710989-9UVD8DHL1Z9LF54QS8B1/NSISerror.png Blog - The Case of The Modified Binaries - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637282731502-0GW719UT9UBVXMTZ5QRR/topCountries.png Blog - The Case of The Modified Binaries - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637282764639-B9YIC6MG00GO8T2STV1T/falseNegative.png Blog - The Case of The Modified Binaries - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/spideroaks-crypton-design-and-implementation-evaluation monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/leviathans-mandatory-heartbleed-blog-entry monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/use-of-windows-exception-handling-metadata monthly 0.5 2024-10-25 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637286043470-S9RDAYTEG1FJU0Y8DGAT/Stack-Frame-x86.png Blog - Use of Windows Exception Handling Metadata - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637286001820-O7SZ656HQYQI2WQBV8CQ/Stack-Frame-EM64T-fixed.png Blog - Use of Windows Exception Handling Metadata - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637285985861-55UP1T7HESSTZVZM305J/Stack-Frame-EM64T-dynamic.png Blog - Use of Windows Exception Handling Metadata - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1637286061273-04GAUROTJLFYH854NVWD/UnwindInfo.png Blog - Use of Windows Exception Handling Metadata - Make it stand out Whatever it is, the way you tell your story online can make all the difference. https://www.leviathansecurity.com/blog/introducing-ftrace monthly 0.5 2025-05-30 https://www.leviathansecurity.com/blog/who-needs-cracking-give-me-the-plaintext monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/the-double-edged-sword-of-hsts-persistence-and-privacy monthly 0.5 2024-10-25 https://www.leviathansecurity.com/blog/category/Application+Security monthly 0.5 https://www.leviathansecurity.com/blog/category/Network+Security monthly 0.5 https://www.leviathansecurity.com/blog/category/Financial monthly 0.5 https://www.leviathansecurity.com/blog/category/privacy monthly 0.5 https://www.leviathansecurity.com/blog/category/DORA monthly 0.5 https://www.leviathansecurity.com/blog/category/Enterprise+Security monthly 0.5 https://www.leviathansecurity.com/blog/category/Risk+Advisory monthly 0.5 https://www.leviathansecurity.com/blog/category/EU+Regulations monthly 0.5 https://www.leviathansecurity.com/blog/category/Hardware+Security monthly 0.5 https://www.leviathansecurity.com/blog/tag/federated+authentication monthly 0.5 https://www.leviathansecurity.com/blog/tag/emergency+planning monthly 0.5 https://www.leviathansecurity.com/blog/tag/Juniper monthly 0.5 https://www.leviathansecurity.com/blog/tag/software monthly 0.5 https://www.leviathansecurity.com/blog/tag/eighthundredfeet monthly 0.5 https://www.leviathansecurity.com/blog/tag/critical+infrastructure monthly 0.5 https://www.leviathansecurity.com/blog/tag/security+metrics monthly 0.5 https://www.leviathansecurity.com/blog/tag/DoS monthly 0.5 https://www.leviathansecurity.com/blog/tag/disaster+recovery monthly 0.5 https://www.leviathansecurity.com/blog/tag/burpsuite monthly 0.5 https://www.leviathansecurity.com/blog/tag/Security monthly 0.5 https://www.leviathansecurity.com/blog/tag/iOS monthly 0.5 https://www.leviathansecurity.com/blog/tag/sso monthly 0.5 https://www.leviathansecurity.com/blog/tag/authorization monthly 0.5 https://www.leviathansecurity.com/blog/tag/cloud monthly 0.5 https://www.leviathansecurity.com/blog/tag/start-up+security monthly 0.5 https://www.leviathansecurity.com/blog/tag/websocket monthly 0.5 https://www.leviathansecurity.com/blog/tag/tunnelvision monthly 0.5 https://www.leviathansecurity.com/blog/tag/Protection monthly 0.5 https://www.leviathansecurity.com/blog/tag/cellular+networks monthly 0.5 https://www.leviathansecurity.com/blog/tag/bitwise+functions monthly 0.5 https://www.leviathansecurity.com/blog/tag/cellphone+service monthly 0.5 https://www.leviathansecurity.com/blog/tag/cognito monthly 0.5 https://www.leviathansecurity.com/blog/tag/risk+management monthly 0.5 https://www.leviathansecurity.com/blog/tag/wifi monthly 0.5 https://www.leviathansecurity.com/blog/tag/ssrf monthly 0.5 https://www.leviathansecurity.com/blog/tag/cloud+security monthly 0.5 https://www.leviathansecurity.com/blog/tag/threat-led+penetration+testing monthly 0.5 https://www.leviathansecurity.com/blog/tag/Phishing monthly 0.5 https://www.leviathansecurity.com/blog/tag/network+security monthly 0.5 https://www.leviathansecurity.com/blog/tag/polynomials monthly 0.5 https://www.leviathansecurity.com/blog/tag/risk+advisory monthly 0.5 https://www.leviathansecurity.com/blog/tag/Financial monthly 0.5 https://www.leviathansecurity.com/blog/tag/cryptography monthly 0.5 https://www.leviathansecurity.com/blog/tag/vulnerability monthly 0.5 https://www.leviathansecurity.com/blog/tag/cybersecurity monthly 0.5 https://www.leviathansecurity.com/blog/tag/SDLC monthly 0.5 https://www.leviathansecurity.com/blog/tag/Android monthly 0.5 https://www.leviathansecurity.com/blog/tag/digital+logic monthly 0.5 https://www.leviathansecurity.com/blog/tag/Public+Disclosure monthly 0.5 https://www.leviathansecurity.com/blog/tag/CVE monthly 0.5 https://www.leviathansecurity.com/blog/tag/r3dir monthly 0.5 https://www.leviathansecurity.com/blog/tag/IAM monthly 0.5 https://www.leviathansecurity.com/blog/tag/application+security monthly 0.5 https://www.leviathansecurity.com/blog/tag/Penetration+Testing monthly 0.5 https://www.leviathansecurity.com/blog/tag/x64 monthly 0.5 https://www.leviathansecurity.com/blog/tag/Scam monthly 0.5 https://www.leviathansecurity.com/blog/tag/software+security monthly 0.5 https://www.leviathansecurity.com/blog/tag/Exploit+Development monthly 0.5 https://www.leviathansecurity.com/blog/tag/Vulnerability+Discovery monthly 0.5 https://www.leviathansecurity.com/blog/tag/mathematics monthly 0.5 https://www.leviathansecurity.com/blog/tag/owasp monthly 0.5 https://www.leviathansecurity.com/blog/tag/Reverse+Engineering monthly 0.5 https://www.leviathansecurity.com/blog/tag/pentesting monthly 0.5 https://www.leviathansecurity.com/blog/tag/Prevention monthly 0.5 https://www.leviathansecurity.com/blog/tag/DORA+compliance monthly 0.5 https://www.leviathansecurity.com/blog/tag/open+source monthly 0.5 https://www.leviathansecurity.com/blog/tag/cve monthly 0.5 https://www.leviathansecurity.com/blog/tag/saml monthly 0.5 https://www.leviathansecurity.com/blog/tag/Features monthly 0.5 https://www.leviathansecurity.com/blog/tag/penetration+testing monthly 0.5 https://www.leviathansecurity.com/blog/tag/Hardware monthly 0.5 https://www.leviathansecurity.com/blog/tag/redundancy monthly 0.5 https://www.leviathansecurity.com/blog/tag/libevent monthly 0.5 https://www.leviathansecurity.com/blog/tag/TLPT monthly 0.5 https://www.leviathansecurity.com/blog/tag/denial+of+service monthly 0.5 https://www.leviathansecurity.com/blog/tag/websockets monthly 0.5 https://www.leviathansecurity.com/blog/tag/Security+Industry monthly 0.5 https://www.leviathansecurity.com/blog/tag/security+program monthly 0.5 https://www.leviathansecurity.com/blog/tag/authentication monthly 0.5 https://www.leviathansecurity.com/blog/tag/owasp+top+10 monthly 0.5 https://www.leviathansecurity.com/blog/tag/fuzzing monthly 0.5 https://www.leviathansecurity.com/blog/tag/EU+regulations monthly 0.5 https://www.leviathansecurity.com/blog/tag/meteor monthly 0.5 https://www.leviathansecurity.com/blog/tag/mfa monthly 0.5 https://www.leviathansecurity.com/blog/tag/vulnerability+management monthly 0.5 https://www.leviathansecurity.com/blog/tag/chipset monthly 0.5 https://www.leviathansecurity.com/blog/tag/baseband monthly 0.5 https://www.leviathansecurity.com/blog/tag/web+applications monthly 0.5 https://www.leviathansecurity.com/blog/tag/multi-factor+authentication monthly 0.5 https://www.leviathansecurity.com/blog/tag/bypass monthly 0.5 https://www.leviathansecurity.com/blog/tag/filter monthly 0.5 https://www.leviathansecurity.com/blog/tag/ttp monthly 0.5 https://www.leviathansecurity.com/blog/tag/SSTI monthly 0.5 https://www.leviathansecurity.com/blog/tag/UEFI monthly 0.5 https://www.leviathansecurity.com/blog/tag/BIOS monthly 0.5 https://www.leviathansecurity.com/blog/tag/vpn monthly 0.5 https://www.leviathansecurity.com/blog/tag/DevSecOps monthly 0.5 https://www.leviathansecurity.com/blog/tag/x86 monthly 0.5 https://www.leviathansecurity.com/blog/tag/UEFITool monthly 0.5 https://www.leviathansecurity.com/blog/tag/Logan+George monthly 0.5 https://www.leviathansecurity.com/blog/tag/server+side+request+forgery monthly 0.5 https://www.leviathansecurity.com/blog/tag/aws monthly 0.5 https://www.leviathansecurity.com/home daily 1.0 2026-03-20 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/010e65cd-494e-4fd2-9089-47453d769e83/Penetration_Testing_Services https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/29d7ff29-a491-42df-8643-95cc2d127628/Risk_Advisory_Services https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a464c6e5-da43-4d62-ab1b-53cf787c6761/Hardware_Security_Penetration_Testing https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/b565282c-5978-4261-a681-6bf3e574613c/Vendor_Security_Services https://www.leviathansecurity.com/about-us daily 0.75 2026-03-13 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1635969408495-27XWUO91F4XCWBS6HKZN/Frank%2BHeidt%2BHeadshot.jpg About Us https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1635969448424-H5LIUKUEE4XHXU9NP1FA/Marcela%252BHeidt.jpg About Us https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/29995e4a-fa9c-42d2-b5db-262390d071bd/Screenshot+2024-01-22+at+3.04.34%E2%80%AFPM.jpg About Us https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/813a4dd5-6557-4c04-a8fb-ab65149c536a/Brian+Campbell+CTO.jpg About Us https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a005e36e-bbc9-4cf5-b34e-ca231d4ede84/Vidhi+Sharma+-+VSA+Practice+Lead.jpg About Us https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/4646f9ca-12ed-4e61-8105-895e8e57c15c/SarahP.png About Us https://www.leviathansecurity.com/contact daily 0.75 2026-02-24 https://www.leviathansecurity.com/careers daily 0.75 2025-05-30 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636150183601-2DATEFPB3LOTKHIJNZKR/man-coding-in-office-2021-09-24-03-57-00-utc.jpg https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1636070677298-PK833COKF5G9SA6QDUL7/unsplash-image-QckxruozjRg.jpg https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1635450472060-IT0854IIZ1X13FECOWIS/seattle-2021-08-29-01-19-17-utc.jpg https://www.leviathansecurity.com/google-programs daily 0.75 2024-05-22 https://www.leviathansecurity.com/programs/google-casa-cloud-application-security-assessment daily 0.75 2025-05-27 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6757f45c-f8a6-4b22-9607-693d43401ca6/CASA+PROCESS.png https://www.leviathansecurity.com/programs/app-defense-alliance-ada-mobile-application-profile-map-assessment daily 0.75 2026-03-24 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6ccae72e-09d4-47d2-8f29-9fbd12f08b10/MASA+PROCESS.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a422a0be-acb9-4f00-9dbf-cc550bd05ac5/MASA+BENEFIT.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/9a89007f-f23e-44d2-b25f-7a4a4c16ac06/MASA+BENEFIT+2.png https://www.leviathansecurity.com/privacy-policy daily 0.75 2025-11-24 https://www.leviathansecurity.com/services/vendor-security-management daily 0.75 2026-02-24 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/bd67d29c-6ecd-4127-b105-2e29e28fae2f/VSA+Percentages+-+Breach.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a889f11a-7027-4727-8233-d56d8eb34db0/VSA+Percentages+-+Prepared.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/55cedbb5-2378-4fbb-ba65-664366f8adcb/VSA+Page+-+Process.png https://www.leviathansecurity.com/programs/google-nest-security-assessment daily 0.75 2026-02-24 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/ac49d1f8-e305-4a3c-8c49-7111b6a1dab5/Nest+Page.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2a410af4-1b02-42b5-9971-37a731eaa4ca/14.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a23c49a9-8314-4484-bdf2-3c9dd371c769/13.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/0753f278-1433-4498-ad68-2cfb380914a6/16y.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/7202e2db-1372-4219-ab6e-a9ea448ee949/7.png https://www.leviathansecurity.com/services/risk-advisory-services/virtual-chief-information-security-officer daily 0.75 2026-02-24 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2a410af4-1b02-42b5-9971-37a731eaa4ca/14.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/ccf563b7-0faf-4fcf-af10-0a7f979dc029/8.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/b133703c-c26c-48f1-95b6-8967e4d41d98/16.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/d835a821-c423-43be-a929-84ebe92324a7/6.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/57a02d6c-3afa-4d1c-b8f1-0ff6df67345f/12.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a23c49a9-8314-4484-bdf2-3c9dd371c769/13.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/7202e2db-1372-4219-ab6e-a9ea448ee949/7.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6422a021-f5df-4646-bf4b-7eb20704f55c/4.png https://www.leviathansecurity.com/services/risk-advisory-services/tabletop-exercises daily 0.75 2026-02-24 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2a410af4-1b02-42b5-9971-37a731eaa4ca/14.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/ccf563b7-0faf-4fcf-af10-0a7f979dc029/8.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/b133703c-c26c-48f1-95b6-8967e4d41d98/16.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/d835a821-c423-43be-a929-84ebe92324a7/6.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/57a02d6c-3afa-4d1c-b8f1-0ff6df67345f/12.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a23c49a9-8314-4484-bdf2-3c9dd371c769/13.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/7202e2db-1372-4219-ab6e-a9ea448ee949/7.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6422a021-f5df-4646-bf4b-7eb20704f55c/4.png https://www.leviathansecurity.com/research/tunnelvision daily 0.75 2026-02-24 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/b133703c-c26c-48f1-95b6-8967e4d41d98/16.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/1cc753d1-670b-4ec4-9470-4543b777c5d2/18.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6422a021-f5df-4646-bf4b-7eb20704f55c/4.png https://www.leviathansecurity.com/press-box daily 0.75 2026-03-10 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/cd47d6f4-41a0-4919-a1e7-495ff993d6ca/CSO.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/7db9ef86-7f3a-4066-806a-f841829ed464/wired.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6b18c0ba-7148-4bf1-bc70-1a5f8378370d/krebs.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/ae4b0f07-e0cc-4c0f-9c7b-cc371bf85fd0/ArsTechnica.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/4e47f8c8-e4df-49c1-9bdb-6c949d31b0e3/PCMag.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/7cb18468-54b9-4e5f-9c10-598dd335cba5/SCMedia.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/e506ef1c-dbe7-4da9-a869-5d52ae373b8d/PCWorld.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/3fb9fe7b-585a-4935-b58e-ab29294faa67/zdnet.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/8b7e9403-6351-4c1f-96f3-5214337e77dc/helpnetsecurity.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/b4d8fc68-47ed-45dd-940e-47ed7db5d559/TheRegister.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/c122d7ec-88ec-4673-9a6e-2e07b91da276/SecurityWeek_Dark_News.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/309cdf49-1df1-4125-bb44-7956c39d2dc7/bleepingcomputer.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/cd47d6f4-41a0-4919-a1e7-495ff993d6ca/CSO.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/c91d0419-a439-4aa8-b0e6-a930b068afe4/ghacks.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/e2666ed5-7e83-4624-b94b-e1a01225078e/computing.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/3b114ac4-1f81-4636-b86f-735929d85055/cropped-ooda-loop-logo-2015-3.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2f04a457-faf0-4d95-9301-f1b45095b8aa/CyberExpress-logo-black-300-width.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/d94295ae-fad5-40cb-bade-9ff7146d8607/GBHackers-On-Security-272-x-90-px-322-x-50-px-422-x-50-px.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/d6e1e1dc-8436-4c1b-88a1-c8830cf47e06/heise.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/d33270ec-705f-489e-a5b4-7182a706a24f/newsnine.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a045f16b-e57e-4dee-bdbe-311efcea0fb0/gigazine.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6fb4bbd2-5e31-41d7-b748-517637174a58/hackaday.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/b15ed8d8-bc3c-4392-ad09-44180387f0de/vpncompare.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/ce3af3ba-9d80-4599-9200-6abe65aaeaf4/thehackernews.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/9c080b76-9b02-442c-afd6-f58f39856294/k2-logo.jpg https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/cd47d6f4-41a0-4919-a1e7-495ff993d6ca/CSO.png https://www.leviathansecurity.com/services/network-security/network-penetration-testing daily 0.75 2026-02-24 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2a410af4-1b02-42b5-9971-37a731eaa4ca/14.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/ccf563b7-0faf-4fcf-af10-0a7f979dc029/8.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/b133703c-c26c-48f1-95b6-8967e4d41d98/16.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/d835a821-c423-43be-a929-84ebe92324a7/6.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/57a02d6c-3afa-4d1c-b8f1-0ff6df67345f/12.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a23c49a9-8314-4484-bdf2-3c9dd371c769/13.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/7202e2db-1372-4219-ab6e-a9ea448ee949/7.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6422a021-f5df-4646-bf4b-7eb20704f55c/4.png https://www.leviathansecurity.com/services/application-security/web-application-penetration-testing daily 0.75 2026-02-24 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2a410af4-1b02-42b5-9971-37a731eaa4ca/14.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/ccf563b7-0faf-4fcf-af10-0a7f979dc029/8.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/b133703c-c26c-48f1-95b6-8967e4d41d98/16.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/d835a821-c423-43be-a929-84ebe92324a7/6.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/57a02d6c-3afa-4d1c-b8f1-0ff6df67345f/12.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a23c49a9-8314-4484-bdf2-3c9dd371c769/13.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/7202e2db-1372-4219-ab6e-a9ea448ee949/7.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6422a021-f5df-4646-bf4b-7eb20704f55c/4.png https://www.leviathansecurity.com/services/application-security/secure-code-review daily 0.75 2026-02-24 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2a410af4-1b02-42b5-9971-37a731eaa4ca/14.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/ccf563b7-0faf-4fcf-af10-0a7f979dc029/8.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/b133703c-c26c-48f1-95b6-8967e4d41d98/16.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/d835a821-c423-43be-a929-84ebe92324a7/6.png https://www.leviathansecurity.com/services/hardware-security/smart-device-and-iot-security-assessment daily 0.75 2026-02-24 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2a410af4-1b02-42b5-9971-37a731eaa4ca/14.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/ccf563b7-0faf-4fcf-af10-0a7f979dc029/8.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/b133703c-c26c-48f1-95b6-8967e4d41d98/16.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/d835a821-c423-43be-a929-84ebe92324a7/6.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/57a02d6c-3afa-4d1c-b8f1-0ff6df67345f/12.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a23c49a9-8314-4484-bdf2-3c9dd371c769/13.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/7202e2db-1372-4219-ab6e-a9ea448ee949/7.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6422a021-f5df-4646-bf4b-7eb20704f55c/4.png https://www.leviathansecurity.com/shopify-technology-partners daily 0.75 2026-01-08 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/bd5155a1-07a4-4a2f-aebd-09f52a4c7c3a/shopify_logo_white.png https://www.leviathansecurity.com/programs/google-masa-mobile-application-security-assessment-1 daily 0.75 2025-01-15 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a422a0be-acb9-4f00-9dbf-cc550bd05ac5/MASA+BENEFIT.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/9a89007f-f23e-44d2-b25f-7a4a4c16ac06/MASA+BENEFIT+2.png https://www.leviathansecurity.com/services/application-security/web-application-penetration-testing-1 daily 0.75 2026-02-24 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/2a410af4-1b02-42b5-9971-37a731eaa4ca/14.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/ccf563b7-0faf-4fcf-af10-0a7f979dc029/8.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/b133703c-c26c-48f1-95b6-8967e4d41d98/16.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/d835a821-c423-43be-a929-84ebe92324a7/6.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/57a02d6c-3afa-4d1c-b8f1-0ff6df67345f/12.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/a23c49a9-8314-4484-bdf2-3c9dd371c769/13.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/7202e2db-1372-4219-ab6e-a9ea448ee949/7.png https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/6422a021-f5df-4646-bf4b-7eb20704f55c/4.png https://www.leviathansecurity.com/programs/oracle-cloud-approved-security-partner daily 0.75 2026-01-22 https://www.leviathansecurity.com/app-defense-alliance daily 0.75 2026-01-29 https://www.leviathansecurity.com/acqusition-by-k2-integrity daily 0.75 2026-03-10 https://images.squarespace-cdn.com/content/v1/6128b1eb2eb2cf15b7a35a2f/9c080b76-9b02-442c-afd6-f58f39856294/k2-logo.jpg