Find malicious URLs stored on a file
Is there a way to parse URLs stored on a .txt or excel file and rate them in terms of popularity-malicious activity?
Category Archives: url
Semantic URL Attack Mitigation
I want to know what is the best approach for preventing URL Jumping / URL Tampering Attacks
Example
updateprofile.php?uid=1
I can change to
updateprofile.php?uid=2
I can update the second user’s profile without loggi… Continue reading Semantic URL Attack Mitigation
Bypassing URL verification
I’m dealing with a URL validation function that was made by the developer (instead of using trusted methods).
Here is a slightly modified version of the function:
public static bool IsValidURL(string url) {
stri… Continue reading Bypassing URL verification
Whats this Encryption? [duplicate]
This question already has an answer here:
How to determine what type of encoding/encryption has been used?
8 answers
How do hackers keep their phishing url undetected? [on hold]
Most hackers keep their links undetected and also up for a long time and send phishing messages.
How is it done? Even Outlook server could not detect them.
Continue reading How do hackers keep their phishing url undetected? [on hold]
Is session id in url itself for all the requests an issue?
Is session id in url itself for all the requests an issue?
Continue reading Is session id in url itself for all the requests an issue?
Suspicious HTTP requests on Android [on hold]
I’m currently developing on a Huawei P20 (Android 8.1.0) and recognized some (imho) suspicious HTTP HEAD requests in mitmproxy’s logs.
Firefox/Safari/Apple Webkit are not installed on the device.
I’m a bit confused si… Continue reading Suspicious HTTP requests on Android [on hold]
Requests to /android-app://com.twitter.android/twitter/user – what is the intention?
I wonder what requests to https://ourdomain.com/android-app://com.twitter.android/twitter/user are doing – is that a kind of attempt exploit a vulnerability?
I encounter them in our web server logs with an increasing frequenc… Continue reading Requests to /android-app://com.twitter.android/twitter/user – what is the intention?
I was redirected to an infected site, what should I do?
I always avoid suspicious links, but recently, in one of my google searches, I clicked the first link on google (looked just a normal site), but it immediately redirected me to a weird news site (the news was basically “How I… Continue reading I was redirected to an infected site, what should I do?
How to call activity from outside app and set url?
So i’ve managed to call a webview activity from frida objection, and was wondering how i could call it and set it from outside the app, also it’s worth noting it’s a appboy thing.
Continue reading How to call activity from outside app and set url?