Application Security Assessment – Page 4

A Discussion on Serverless Application Vulnerabilities

Posted on August 6, 2020 by Amanda Mates

The main advantage of utilizing serverless architecture, such as Amazon Web Services (AWS), is that it is a great way to build applications without having to manage the infrastructure. The provider will provision, scale, and maintain the servers to run applications, databases, and storage systems. Naturally, this offloads the risk of server-side insecurities to the…

The post A Discussion on Serverless Application Vulnerabilities appeared first on TrustedSec.

Continue reading A Discussion on Serverless Application Vulnerabilities→

The Updated Security Pro’s Guide to MDM, MAM, and BYOD

Posted on July 30, 2020 by Amanda Mates

Bring your own device (BYOD) is an accepted convention, most commonly for mobile devices, in corporate environments. Even company-owned devices are treated by employees as personal devices and are often incorporated into the environment in the same way that employee-owned devices are. Our job in information security is to ensure that the business initiatives like…

The post The Updated Security Pro’s Guide to MDM, MAM, and BYOD appeared first on TrustedSec.

Continue reading The Updated Security Pro’s Guide to MDM, MAM, and BYOD→

Thycotic Secret Server: Offline Decryption Methodology

Posted on July 28, 2020 by Nathan Noll

On offensive engagements, we frequently encounter centralized internal password managers that are used by various departments to store incredibly sensitive account information, such as Domain Admin accounts, API keys, credit card data, the works. It used to be that these systems were implemented without multi-factor authentication. “Hacking” them was as simple as finding somebody that…

The post Thycotic Secret Server: Offline Decryption Methodology appeared first on TrustedSec.

Continue reading Thycotic Secret Server: Offline Decryption Methodology→

8 Keys to Writing Safer Code

Posted on July 9, 2020 by Nathan Noll

All too often, security in code is an afterthought. There’s a reason that bug bounties are so prevalent; as codebases get larger, testing gets harder. Add in the time constraints of a “move fast and break things” mentality and it’s no wonder so many security issues arise. The basics might be there, encrypted connections, hashed…

The post 8 Keys to Writing Safer Code appeared first on TrustedSec.

Continue reading 8 Keys to Writing Safer Code→

MSBuild: A Profitable Sidekick!

Posted on June 25, 2020 by Amanda Mates

This blog post highlights some good techniques to use when restricted to testing an up-to-date Windows system with low-level user privileges (no local admin) through a Remote Desktop Protocol (RDP) connection. The Situation: At the start of this engagement, I faced the common task of needing to escalate privileges after acquiring low-level access to a…

The post MSBuild: A Profitable Sidekick! appeared first on TrustedSec.

Continue reading MSBuild: A Profitable Sidekick!→

Abusing Windows Telemetry for Persistence

Posted on June 9, 2020 by Nathan Noll

Today we’re going to talk about a persistence method that takes advantage of some of the wonderful telemetry that Microsoft has included in Windows versions for the last decade. The process outlined here affects Windows machines from 2008R2/Windows 7 through 2019/Windows 10. As of this posting, this persistence technique requires local admin rights to install…

The post Abusing Windows Telemetry for Persistence appeared first on TrustedSec.

Continue reading Abusing Windows Telemetry for Persistence→

Theft From Online Shopping Carts – Past and Present

Posted on June 4, 2020 by Amanda Mates

Past Circa 2007, during a penetration test, I encountered an online shopping cart that exposed a variable containing a product’s price and it allowed for manipulation to lower the cart’s total. In early 2008, research was conducted to answer the question – just how many carts are vulnerable to such a trivial hack? At the…

The post Theft From Online Shopping Carts – Past and Present appeared first on TrustedSec.

Continue reading Theft From Online Shopping Carts – Past and Present→

Introducing Proxy Helper – A New WiFi Pineapple Module

Posted on May 26, 2020 by Nathan Noll

I have had several occasions when I’ve been performing a pentest against an Android or iOS application, attempting to monitor the traffic with Burp Suite, only to realize that the application is not respecting my proxy settings. Now, if you have a rooted or jailbroken device, there are some ways you can force the application…

The post Introducing Proxy Helper – A New WiFi Pineapple Module appeared first on TrustedSec.

Continue reading Introducing Proxy Helper – A New WiFi Pineapple Module→

Practical OAuth Abuse for Offensive Operations – Part 1

Posted on May 13, 2020 by Nathan Noll

Background OAuth is an open authorization standard that facilitates unrelated servers and services working together, allowing access to their assets without sharing the initial, related, single logon credential. I have been thinking of it as a kind of Kerberos for external services, without a shared domain or forest. A familiar instance would be authentication to…

The post Practical OAuth Abuse for Offensive Operations – Part 1 appeared first on TrustedSec.

Continue reading Practical OAuth Abuse for Offensive Operations – Part 1→

Breaking Typical Windows Hardening Implementations

Posted on May 12, 2020 by Nathan Noll

In this post, I will go over some hardening configurations that are typically set in Group Policy settings and ways to bypass them. It is important to remember that hardening configurations can be a whole series of different settings. For this post, I am showing only a few specific settings, meaning that if these were…

The post Breaking Typical Windows Hardening Implementations appeared first on TrustedSec.

Continue reading Breaking Typical Windows Hardening Implementations→