The OWASP Top 10 is considered the global standard for web application security. It highlights the main risks and indicates where companies should...
OWASP Top 10 2025 Released: Our Insights and Contribution
read more
Pentest
From Windows 10 to 11: Pentest Protects Against Vulnerabilities After Migration
On October 14, 2025, Microsoft stopped supporting Windows 10, forcing many companies to switch to Windows 11. This not only offers new features but...
Revealing XSS Vulnerabilities in Web Application Pentests: Understanding the Risk
Cross-site scripting (XSS) is one of the most well-known vulnerabilities in web applications, yet our security analysts at usd HeroLab encounter it...
How to Strengthen Your Email Security: Insights from Our Pentesters
Email security is a key factor in application development and system configuration. Vulnerabilities in this environment can lead to data leaks and...
More Security for Connected Systems: Pentesting OT and IoT Systems In a Nutshell
Industrial systems, medical devices, connected machines in production, or embedded systems in vehicles: digitalization even affects systems that...
Security Advisories on Agorum Core Open
The pentest professionals at usd HeroLab examined Agorum Core Open during the execution of their pentests.. While analyzing the...
Fat Client Pentests: Inspection and Proxying Network Traffic in Desktop Applications
When testing a desktop application, also referred to as a fat client or thick client, the analysis of network traffic plays a central role in any...
Hacker Contest Challenge of Summer Semester 2025: Sample Solution online
In the summer semester 2025, the popular “Hacker Contest” at the Technical University of Darmstadt (TU) and Darmstadt University of Applied Sciences...
TU meets usd: Students Gain Hands-On Insights into Information Security and Pentesting
During the winter semester 2024/25, students from Technische Universität Darmstadt had the opportunity to participate in two academic cooperations...
Red Teaming: Challenge Your Security Architecture With the Final Boss
IT security is no longer just a concern for a company's IT department - it is an integral part of the entire company. However, many security...
Security Advisory on Element Android
The pentest professionals at usd HeroLab examined the Element application for Android during their pentests. They identified a vulnerability in the...
Understanding Security Code Reviews, Greybox and Whitebox Pentests: Which Method Is Right for You?
As the number of cyber attacks continues to rise, effective security analysis is more crucial than ever in protecting software and data. In...