29 July 2021

The Power of Pair Hacking

For years now at Cyrex, we’ve implemented the pair hacking method for our penetration testing. It’s a staple in our success as a cybersecurity company, approaching testing more like a hacking group. The results speak for themselves.

We’ve mentioned it before, during our bug bounty work on Apple or when we hacked an Oculus, now it’s time to take a deeper dive.

What is pair hacking?

Pair hacking is our method of conducting penetration testing. Simply put, when we begin any testing, we do so in pairs or more.

For us, it was an easy choice. It matches our way of thinking, and it emulates the way in which black hat hacker collectives work. For an effective and productive hack, we believe the key is collaboration and communication. For example, if two people read the same book, there might be many things that they agree on. Themes or imagery that they might have both seen. However, it’s expected that they’d both get different interpretations of aspects of the book. This is easily transferred over to the detail-oriented work of penetration testing.

Each engineer sees things differently. And by combining and communicating, they can cover the same landscape with layers of verification. For us, one engineer just doesn’t cut it anymore. The ability to verify and check certain vulnerabilities or injection points off another engineer is invaluable.

It is a direct, streamlined avenue of workflow.

Pros and cons

The only con really is the requirement of engineers. The difficulties of scalability and availability are management challenges rather than any practical negative associated with the testing. But, at Cyrex, we do love the challenge.

However, there are many advantages to this method. The one we always come back to is the emulation of typical hacker behaviour. Black hat hackers don’t act alone, they don’t go it solo. They work in groups, communities. Huge collectives, all dedicated to cracking and breaking through whatever security is in front of them.

Why shouldn’t the security engineers act in the same way? With communication and collaboration, security teams can cover the same application in a much shorter time. It’s like mixing the best of penetration testing and bug bounty programs, which we’ve discussed before.

Pair hacking takes the professionalism of penetration testing and acts more like a bug bounty program. With more testers on hand, everything is verified against one another.

One example of this verification is during a routine penetration test of a game for a client. One engineer noticed the random session token had a set prefix that didn’t seem to change. With the other engineer now informed of this unusual item, they began investigating. They discovered that it wasn’t random, as a session token should be, it always started with their player IDs. From there, the engineers were able to follow the ID back, utilise them and deploy malicious payloads directly into the system.

That critical vulnerability was only discovered thanks to the collaboration between the two engineers. Had they been working individually, it would have been much harder to check.

Transfer of knowledge

Another benefit to collaboration is the constant transfer of knowledge. With engineers constantly working together, the pairs changing and crossing paths, they are constantly learning.

Each engineer is the culmination of years of practical experience and theoretical learning. Combining them and putting them in constant communication means that experience and learning is shared. From there, each engineer grows as an individual tester and expert. And with a team of collaborators, the efficiency when they combine efforts is increased exponentially. Our teams know each other’s methods inside and out, which means we can secure your system in a flash.

Why should you consider pair hacking?

The results speak for themselves! We moved to pair hacking to try and match the black hat scene in terms of speed and efficiency. Ultimately, we found ourselves in a position to deliver outstanding quality to our customers at the speed we desired.

No more individual engineers crossing off a list of use cases and injection points. Instead, our pairs double down and know they’ve leveraged every available resource and piece of knowledge in securing our client against potential threats.

Pair hacking is the direct line to delivering quality results in record times.

Closing out

For us and our clients, we’ve seen the positive results that pair hacking delivers. So, we’re a little confused why so few other companies are engaging in this way. We hope that in the future, other security companies take up this fight. We’ve seen what it can do for our clients, and we believe it’s the way forward in the fight against hackers.

If you’d like to learn more about our penetration testing, you can see how we approach games and applications on our website. You can also find some of our past clients, as well as anonymised security reports! And if you’d like to get in touch, we’d love to hear from you!