I would like to use this opportunity to thank everybody that voted my lightning talk “Web app testing without attack traffic” as the “BruCon 2011 Lightning Talk winner”. I only had 5 minutes so I had to take out many things I wanted to cover, for this reason, I have significantly expanded this talk (106 slides …
I will be giving a lightning talk at Brucon next week. My goal is to give a quick overview on the vast amount of tests possible before you have permission to test a target. This is particularly useful if you are given a short test window but you are willing to put the extra effort …
A nice tool for SSL cipher testing is this Perl script: ssl-cipher-check.pl, however, in Backtrack and also on other distros you may get this error the first time you run it: ssl-cipher-check.pl -vw my.exampledomain.com 443 … ERROR: Unable to find /usr/bin/gnutls-cli-debug. Please install the gnutls-devel package To avoid that simply install the missing package as …
When Testing for HTTP Methods and XST a common vulnerability to find is XST. When you manually verify that this vulnerability is truly present (i.e. not a tool false positive) you can use tools like netcat but sometimes the web server is using SSL and netcat will not work straightaway. You can get around this …
Do you still believe input validation is enough to fix Cross Site Scripting (XSS)? Billy Hoffman said it best at Schmoocon 2007 (4 years ago!!!) in his talk “JavaScript Malware for a Grey Goo Tomorrow” (fast forward to Q & A, minute 51:45): Person in the audience asks: “You said that AJAX doesn’t really change …
NOTE: This will work in backtrack, ubuntu and pretty much any Linux distro as far as I know There are times where you would like to open a service to the internet and it is ok to only allow one host/IP address to connect to you, for example: – Host-to-host transactions – During a pentest …
The problem There was an unexpected challenge to put together the security weekly news last night: My ISP mistakenly thought I had not paid my bills last month and decided to disrupt my web browsing experience by displaying a web page that said something like “information page … you have not paid x,y,z .. to …
