- Published on
A deep dive into a desktop penetration testing engagement where reverse engineering a .NET thick client revealed flawed cryptography, exposed backend infrastructure, and ultimately enabled full Account Takeover (ATO) through Redis session extraction.