-
Bypassing web application firewalls using HTTP headers
Web application firewalls (WAFs) are part of the defense-in-depth model for web applications. While not a substitute for secure code, they offer great options for filtering malicious input. Below is a story from a real assessment where an enterprise deployment of such a device was vulnerable to being bypassed. The vulnerability is one…
-
Advanced Penetration Testing (APT) – Pentesting High Security Environments by LSO
You think you’ve come, you’ve seen, and you’ve conquered all the training in the pentest field? Think again. J0e McCray, Learn Security Online creator, has brewed up a new course to address the needs of the upper echelon of pentest monkeys out there. If you don’t know j0e from his various speaking engagements at…
-
Advanced Nmap
Some of the guys I hack with and I have been talking about the “core” toolset in pentesting… like what could you absolutely not go in without? What we came up with is: nmap, metasploit, ettercap, burp, Wireshark. There are tons of tools that came close to that bracket, other proxies, scanners, other MiTM tools,…
-
A Whole Lotta Passwords
It seems that every time the topic of password cracking comes up, there is a question that quickly follows: “do you have a dictionary?” There are a number of websites that maintain lists of default passwords for equipment. Two that seem to receive a bit of attention are SearchLores and Liquid Matrix. However, Skull Security took things a bit further…