What follows is a directory traversal hack I found “In the Wild” as they say, on a customer’s actual website I was working on. Our customer was a large enterprise client involved in Information Management, but this could be present on many web applications that allow a user to upload and download files.
In summary, 2017 will bring its own share of challenges to security teams.
The WhiteHat team has gathered some thoughts on predictions and new vulnerabilities or trends that might emerge in 2017.
This article provides an executive summary on the Blockchain technology, what it is, how it works, and why everyone is excited about it.
After a lot of coordination, research, voting by the community and judging - learn the Top 10 Web Hacking Techniques of 2015.
It has been discovered that OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k are vulnerable to a downgrade attack. In short, an attacker could man-in-the-middle a user and a web server and force both to downgrade to a set of weak, outdated export ciphers.
Learn the top 10 website hacking techniques for the year.
Naenara Browser, the DPRK's version of Firefox that comes built into Red Star OS, the official operating system of North Korea, is weirder than we thought.
Common HTTP headers are components of the header section of request and response messages in the Hypertext Transfer Protocol (HTTP).
A long time ago I began to compile a list of lesser known but still very scary choke points on the Internet.
There’s a problem with the reflective Cross Site Scripting (“XSS”) filter in Microsoft’s Internet Explorer family of browsers that extends from version 8.0 (where the filter first debuted) through the most current version, 11.0, released in mid-October for Windows 8.1, and early November for Windows 7.
I think a lot of web designers and web masters have almost no idea what the most important things to focus on are, beginning on day one.
It appears that an unconventional method of Cross Site Request Forgery may be made exploitable by using Firefox versions 21 and below.
Never use Web Storage data for access control decisions, and never trust the serialized objects you store there for other critical business logic. A malicious user is free to modify their localStorage and sessionStorage values at any time, so treat all Web Storage data as untrusted.
This interview openly discusses criminal activities from the perspective of an admitted criminal.
The keys to the kingdom pretty much always come down to acquiring source code for the web application you’re attacking from a blackbox perspective.
Password Cracking AES-256 DMGs and Epic Self-Pwnage
IT security is a massive concern for many organizations of all shapes and sizes. The consequences of a security failure are often drastic, sometimes terminal. Over recent years, there has been a relentless upward trajectory in spending on IT security, and there are no signs of that trend abating.
Learn 7 ways vulnerability scanners may harm websites and what to do about it.
Session fixation, by most definitions, is a subclass of session hijacking.
X-Frame-Options (XFO) is an HTTP response header, mostly used to combat Clickjacking, that informs a Web browser whether the page may be rendered in a <frame> or <iframe>.
Content Security Policy (CSP) is a new(ish) technology put together by Mozilla that Web apps can use as an additional layer of protection against Cross-Site Scripting (XSS). This protection against XSS is the primary goal of CSP technology.
Learn about what is CSRF and developing CSRF prevention design principles.
HTTP Strict Transport Security (HSTS) is a new(ish) technology that allows an application to force browsers to use only SSL/TLS (HTTPS, not HTTP) when they visit that application.
Session cookies (or, to Java folks, the cookie containing the JSESSIONID) are the cookies used to perform session management for Web applications.
Clickjacking is a type of “Web framing” or “UI redressing” attack.
X-Frame-Options allows an application to specify whether or not specific pages of the site can be framed. This is meant to help prevent the clickjacking problem.
Many penetration testers rarely test for cryptographic vulnerabilities. This post provides details of a length extension attack.
Please forgive the title, but today’s topic is something to be wary of if you write (or use) any access control / authorization type code in Web-based J2EE apps: HTTP URL path parameters.
These cookies hold the reference to the session identifier for a given user, and the same identifier, along with any session-scoped data related to that session id, is maintained server-side.