News
Practical Web Application Hacking course on BlackHat USA 2021
For the third year in a row, Red Timmy Security will be present at the biggest information security conference in the world: BlackHat USA 2021. We will bring our updated and latest course “Practical web application hacking – Advanced“.
See the complete list of topics and link for registration:
Our latest articles
The thin line between the cloud provider and the customer applications
As penetration testers we are often very aware of the boundaries of the exercise. Scoping is the part of the preperation where we decide what can be tested and what not. This used to be a matter of finding agreement between service owners and testers, and having them all on the same page meant the exercise could start. But nowadays ...
Read More
Read More
When a Denial of Service matters: fighting with risk assessment guys
During a recent Red Team operation we have been asked to attempt the takeover of a domain controller server in a Windows network. After wandering around the LAN for a while, we got stuck inside a machine where we could see a domain admin who had an open session there (Bloodhound’s power), but our low privileges did not allow to ...
Read More
Read More
Bug bounty failure stories to learn from: how we ended up to hack a bank with no reward
With the difficult period of the covid-19 pandemic still ongoing, some collaborators of Red Timmy have lost their job, fired from the employers where they worked. Because bills don't pay themselves, some of us have thought to keep the wolf from the door by investing resources in bug bounty programs, waiting for better times. This post today has a characteristic ...
Read More
Read More
Our training classes
Practical Web Application Hacking – Basic
Learn the fundamentals of web application hacking
Hacking Java Web and Client Apps
Our deep dive course on Java security and deserialization attacks
Practical Web Application Hacking – Advanced
Become an expert on web application hacking
Learning Crypto by defeating Crypto
Learn how to create and develop your own TLS crypto exploits
Red Timmy Blog
We share our latest research in articles and whitepapers on the blog section of this website. Tools will be released regularly and can be found on our GitHub page.