Collaborate Disseminate
In this episode of Tradecraft Security Weekly, Mike Felch talks with Beau Bullock about the possibilities of using framesets in MS Office documents to send Windows password hashes remotely across the Internet. This technique has the ability to bypass m… Continue reading Leaking Windows Creds Externally via MS Office – Tradecraft Security Weekly #21
A software vulnerability disclosure program recently launched by popular drone maker DJI has turned into a messy public relations battle pitting several security researchers against the growing Chinese technology firm. After DJI recently launched a bug bounty program, two researchers — Sean Malia and Kevin Finisterre — publicly disclosed vulnerabilities in DJI products. The revelations resulted in the company challenging each researcher’s findings and seemingly threatening one with a lawsuit tied to the Computer Fraud and Abuse Act. For researchers who have been poking and prodding DJI’s digital properties and products for about three months, Malia and Finisterre stories strike a familiar tone. Several researchers who approached DJI with information about evident vulnerabilities say the outcome has been less than satisfactory. DJI disputes aspects of some of these accounts, but experts say the firm has gone too far. “Many companies mistake a bug bounty program for a penetration test, in which the […]
The post How DJI fumbled its bug bounty program and created a PR nightmare appeared first on Cyberscoop.
Continue reading How DJI fumbled its bug bounty program and created a PR nightmare
When you are performing penetration tests for your customers, you need to build your personal arsenal. Tools, pieces of hardware and software are collected here and there depending on your engagements to increase your toolbox. To perform Wireless intrusion tests, I’m a big fan of the WiFi Pineapple. I’ve one for
[The post WiNX: The Ultra-Portable Wireless Attacking Platform has been first published on /dev/random]
Continue reading WiNX: The Ultra-Portable Wireless Attacking Platform
When pentesting web services or an application that leverage XML files, XML External Entity (XXE) attacks are a great way to start. By injecting an XXE into a well crafted XML payload before it’s sent to the server, a penetration tester can trick the parser into executing other actions that the developer never intended. This […]
The post Dissecting XXE Attacks – Tradecraft Security Weekly #19 appeared first on Security Weekly.
Continue reading Dissecting XXE Attacks – Tradecraft Security Weekly #19
If you are a penetration tester password cracking is something you will inevitably do. On most engagements we typically don’t have months on end to crack passwords. In an effort to help be more efficient in your cracking techniques Beau Bullock (@dafthack) describes various ways to streamline your approach to cracking in episode 17 of […]
The post Cracking Password Hashes Efficiently – Tradecraft Security Weekly #17 appeared first on Security Weekly.
Continue reading Cracking Password Hashes Efficiently – Tradecraft Security Weekly #17
There are a ton of modules in Metasploit that are extremely useful for performing various attacks post-exploitation. But sometimes there are external tools that you might want to use that are not included in Metasploit. It’s possible to proxy other external tools through a Meterpreter session using a module in Metasploit and proxychains. In this […]
The post Pivoting Tools Through Meterpreter – Tradecraft Security Weekly #16 appeared first on Security Weekly.
Continue reading Pivoting Tools Through Meterpreter – Tradecraft Security Weekly #16
Your WAF is not safe! Sven Morgenroth, a Security Researcher at Netsparker, blows Paul’s mind with his ninja-esque input filter bypass skills in this technical segment! Full Show Notes Subscribe to YouTube Channel
The post Bypassing Input Filters with Sven Morgenroth, Netsparker – Paul’s Security Weekly #526 appeared first on Security Weekly.
Session management in web applications is extremely important in regards to securing user credentials and integrity within the application. Sometimes, session tokens can be predicted, provided the overall randomness is weak. If this is possible, a remote attacker may be able to compromise the session of an authenticated user. In this episode of Tradecraft Security […]
The post Identifying Weak Session Tokens Using Entropy – Tradecraft Security Weekly #15 appeared first on Security Weekly.
Continue reading Identifying Weak Session Tokens Using Entropy – Tradecraft Security Weekly #15
Mystery bug bounties, Marcus Hutchins pleads not guilty, a password guru regrets past advice, Dropbox and offline two-factor authentication, and more security news! Paul’s Stories Mystery Company Offers $250,000 Bounty for VM Escape Vulnerabilities Hacker Marcus Hutchins To Plead Not Guilty To Malware Development Password Guru Regrets Past Advice Salesforce Sacks Security Engineers For Their […]
The post Salesforce, Dropbox, BeyondTrust, Pentesting, and Defcon – Paul’s Security Weekly #525 appeared first on Security Weekly.