Blog
Paweł Woyke

Desktop applications handle critical business operations across enterprises. Banking software processes transactions. Healthcare apps store patient records. Manufacturing tools control production systems. They all share common security challenges that standard desktop application testing approaches miss. The problem is straightforward: most security testing methodologies were built for web and mobile applications. They don’t account for direct […]

Paweł Woyke

Thick-client penetration testing is a critical gap in most enterprise security programs. Banking software, trading platforms, healthcare systems, and manufacturing tools – these desktop applications handle your organization’s most sensitive data and critical operations. But when was the last time you actually tested their security? If you’re relying on the same penetration testing approach you […]

Paweł Woyke

Are you testing desktop app security and need to know what process to follow? That’s what this desktop application security testing checklist is for. Desktop applications are fundamentally different from web and mobile apps – and those differences create unique security challenges. Web applications run mostly server-side, behind your firewalls and security controls. The browser […]

Karol Mazurek

macOS stored complete download URLs – including authentication tokens and API keys – in persistent file metadata through the kMDItemWhereFroms extended attribute, exposing sensitive credentials to local attackers and malicious applications for lateral movement. Apple silently patched the vulnerability around macOS Tahoe without CVE assignment, public acknowledgment, or researcher credit, violating responsible disclosure norms two years after the initial report.

Karol Mazurek

The article discusses vulnerabilities in the Sparkle framework on macOS, related to improper XPC client validation. This leads to two main threats: a TCC Bypass (CVE-2025-10015) and Local Privilege Escalation (LPE) (CVE-2025-10016). Malicious applications can exploit these vulnerabilities to access TCC-protected files and escalate privileges. A proof of concept shows how an attacker can read sensitive files on the Desktop without triggering permission requests, highlighting the risks associated with services in applications like Ghostty.

Paweł Woyke

Desktop application security lacked unified standards—until now. DASVS provides a structured approach to securing Windows, macOS, and Linux applications with clear verification levels and technical security controls.

Our roadmap includes the Desktop Application Security Testing Guide (DASTG) and an automated security assessment tool. Join the community and help shape the future of desktop security!

Karol Mazurek

From phreaking roots to cutting-edge research, Phrack has always been a space where hackers teach hackers. Forty years on, the mission hasn’t changed—it’s only grown stronger. This article dives into Phrack Magazine’s remarkable journey and its milestone 40th anniversary. From its beginnings in the 80s underground to its global presence today, we’ll look at how Phrack shaped hacker culture, what the latest issue means for the community, and how contributors—past and present—continue to keep the signal alive.

Karol Mazurek

Microsoft’s .NET MAUI framework for macOS contains a vulnerability that bypasses the Hardened Runtime protection by failing to enforce code signing validation on managed DLLs in the MonoBundle directory. It allows arbitrary code injection via modified assemblies despite the main executable being properly signed and hardened. Consequently, all .NET MAUI macOS applications are exposed to code injection, privilege escalation, and TCC permission bypasses.

Karol Mazurek

This article examines how the misconfigured get-task-allow entitlement in macOS apps enables code injection and TCC bypass. It builds on large-scale testing of notarized applications and highlights the risks of weakened security boundaries.

Karol Mazurek

This post shows how an apparent format string vulnerability in Apple’s TCC daemon isn’t actually exploitable due to assembly-level stack manipulation that inadvertently provides the missing arguments. It demonstrates how bugs aren’t always what they seem, as low-level calling conventions, compiler optimizations, or decompiler artifacts can mask or fix high-level code issues.
