Case Studies
Full technical write-ups of representative engagements — what we scoped, how we exploited it, the business impact, and what changed after remediation. Each maps to OWASP, MITRE ATT&CK / ATLAS, and CIS Benchmarks.
From a Single IDOR to Full Customer Data Compromise
A single Insecure Direct Object Reference in a FinTech portal, chained with a Broken Function Level Authorization flaw, reached ~1.2M customer records — closed for a 92% risk reduction.
Reverse Engineering an Android Banking App
Recovering a hardcoded API key from a shipped APK, bypassing SSL pinning with Frida, and intercepting protected banking traffic — following OWASP MASVS.
A Misconfigured IAM Policy to Full Cloud Compromise
One leaked access key escalated to full AWS account administrator in three permitted API calls, by abusing iam:PassRole and lambda permissions — no exploit required.
From a Phishing Email to Enterprise-Wide Ransomware
A full-scope red team: one spear-phishing email to Domain Admin in under six hours, undetected — then a purple-team exercise that lifted detection coverage 4×.
Prompt Injection Against an Enterprise AI Assistant
Indirect prompt injection plus an over-privileged retrieval tool made a RAG assistant disclose confidential documents across matter boundaries — mapped to the OWASP LLM Top 10 (2025).