Collaborate Disseminate
I was reading some tweets from @pwnallthethings regarding the John Podesta spear phishing emails.
What the email looked like:
The Change Password button link, notice the domain com-securitysettingpage.tk
From @pwnallt… Continue reading Does Google check for Unicode characters to determine spam now in Gmail?
I have been reading up on Insecure Deserialization and how it can affect Java applications.
https://owasp.org/index.php/Top_10-2017_A8-Insecure_Deserialization
If the captured traffic data include the following patterns it… Continue reading Insecure Deserialization in C# (.NET) – How to identify and test
I’m reading up on Insecure Deserialization and remembered a vulnerability that I read about in some JSON Web Token (JWT) implementations at auth0.
https://owasp.org/index.php/Top_10-2017_A8-Insecure_Deserialization
https:… Continue reading Understanding OWASP 2017 A8 Insecure Deserialization
On various security forums I have seen links to a post about a fictive malicious NPM package harvesting information. The posts title:
I’m harvesting credit card numbers and passwords from your site.
Here’s how.
The be… Continue reading Malicious NPM Package – Does it fit into OWASP Top Ten 2017?
I have just read about a new weaknesses in the WPA2 protocol called KRACKs. The authors of the paper says that they will release scripts that can be used to test if a network is exploitable when they have time. I would like t… Continue reading Are there any detection scripts available for WPA2 Key Reinstallation Attacks (KRACKs)?
I’m currently testing a site where the host header is used for creating a recovery email link. However, when I try to manipulate the host header in Burp I get an HTTP 400 message saying I’m using an invalid hostname. I get this error even … Continue reading Host Header Attack -> Password Reset Poisoning -> ASP.NET Web API 2 hosted as Azure App Services
Is it possible to bypass an XSS filter where “, <,> and & are filtered? Some of the tags are filtered with HTML but some tags also gets removed. I don’t know if this can be used as a bypass somehow.
Characters tha… Continue reading XSS inside SCRIPT tag where ", <,> and & are filtered.
I’m testing an application where the application does not handle special characters but request validation in ASP.NET picks it up and throws an exception.
There have been some different ways to bypass this previously like t… Continue reading Bypass Asp.Net 4.6 "A potentially dangerous Request.QueryString value was detected from the client"
I’m testing an application where the application does not handle special characters but request validation in ASP.NET picks it up and throws an exception.
There have been some different ways to bypass this previously like t… Continue reading Bypass Asp.Net 4.6 "A potentially dangerous Request.QueryString value was detected from the client"
I usually use ping or tracert to get IP-addresses for domains or sub domains and it works really well. However I have stumbled upon a site that seems to use a reverse proxy or something similar because one request to a sub di… Continue reading Get IP of web server located at sub directory level