Kick-starting your automation with “cheap labor” as a service. The rise of machines by companies developing disruptive technologies and changing the world.

In the case of Security, one could argue that the Uber of this industry are Bug Bounty companies. They took an industry controlled by consultant security companies reporting vulnerabilities and getting paid on an engagement base payment into what some people call a “democratized world” where responsible disclosure became the world of “civilized mercenaries” or as many bug bounty like to put it they give everyone a change to get paid for their job.

But, is it really…

Many websites [un]willingly allow users to send emails through a simple web request. Knowing this we can automate phishing campaigns with Cartero exploiting the vulnerable web forms to send emails.

While performing WebApp penetration tests, more than one of us have come across those “share this” buttons that generate a mail form allowing users to share data. With some digging around plenty actually give attackers enough variables to send arbitrary emails using the websites’s as a source.

After one engagement where that was useful. I always kept a little script hanging around that would easily allow me to send emails…

Based on our research reported about url-handlers on FaceTime and Messages, here comes the “Enterprise version”. Hacking MSFT through iOS to steal Contact Cards and forcing people to join meetings, has its beauty ☺


As we will be discussing on this and other posts — all part of some social engineering research being done in Section9Labs for our newly released Cartero Frameworkwe have found several interesting issues and attack vectors abusing url-handlers and iOS applications. …

Paid does not necessarily means better, faster or more secure. Exploiting URL handlers in alternative web-browsers to trigger FaceTime and Telephone Calls


Continuing with the Web Browsers & url-handlers research that started with Google Chrome, we decided to expand it into other, not mainstream, web browsers (Atomic and Mercury) to check if they were susceptible to the same type of issues and then some more. …

Exploiting iOS Chrome and FaceTime url-handlers to automate attacks on FaceTime calls. How to create a Social Engineering attack using known iOS issues and cartero.

Work based on @neculaesei work on how to use iOS applications url handlers to make Phone calls on other applications, besides Messages. Update: Also apparently on some similar work presented by @gepeto42 on BSidesLV 2014.


As part of developing new and interesting ways of social engineering people, at Section9Labs we introduced a new Framework called Cartero — a simple multi-platform CLI modular social engineering Framework — that allows people to perform several attacks. …

Social Networks and Social Engineering were meant for each other. Nowadays, people willingly share their private information contact networks, updates, feelings, pictures and files through these networks, basically everything a social engineer perpetrator ever wanted …


Corporations perform penetration tests on their network, web applications, physical infrastructure in order to find and fix vulnerabilities. In the same, way for the last decade these institutions have also been testing their workforce infrastructure to get an idea how aware and prepared they are against social engineering attacks. …

Sympathy for evil, the nature of our game.

Stories, Research and other things to come

stay tuned — new things coming soon …

Section 9 Labs

Security Consulting

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store