HackDig : Dig high-quality web security articles for hackers

What Spring Data can teach us about API misconfiguration

A security researcher (Joel Noguera @niemand_sec) discovered a ‘critical’ misconfiguration bug in Spring Data’s Application Level Profile Semantics (ALPS). This bug allows unauthenticated users to perform an Application Programming Interface (API) request, which responds with sensitive user data that can be utilized, manipulated, or even deleted.
Publish At:2021-01-22 17:00 | Read:124 | Comments:0 | Tags:Application Security Assessment Penetration Testing Security

Get to Hacking MASSively Faster – The Release of SpooNMAP

I’m sure everyone is already using Masscan and I’m the last one to jump on the bandwagon. Honestly, I don’t know how I got anything done before finding this tool. If you’re not aware, Masscan is an asynchronous, TCP network port scanner. It’s an incredibly fast tool that can be used to quickly identify live services to target te
Publish At:2021-01-19 11:00 | Read:200 | Comments:0 | Tags:Penetration Testing Security Testing & Analysis hack

Why Red Team Testing Rules the Cloud

Red team testing is a key way to help prevent data breaches today. Most cyber defense focuses on spotting openings and fixing general risks in your environment. Red teaming not only reduces risks, but also prevents possible breaches. Methods, such as threat modeling, static analysis and dynamic testing, reduce the attack surface but do not eliminate risk. W
Publish At:2021-01-07 16:23 | Read:189 | Comments:0 | Tags:Security Intelligence & Analytics Security Services Threat H

SecureLayer7 Elevates to becoming a CREST Certified Penetration Tester

SecureLayer7 to become a CREST certified penetration tester has passed the requesting appraisal needed to turn into an individual from Certificate CREST, the not-revenue driven accreditation and confirmation body that speaks to the specialized data security industry. SecureLayer7 is one of the few settled cybersecurity organizations to get CREST Certified Pe
Publish At:2020-12-21 08:31 | Read:182 | Comments:0 | Tags:Penetration Testing SecureLayer7 Services Working with Secur

4 Free Easy Wins That Make Red Teams Harder

In this post, I will cover some easy things that defenders can do to make it harder for attackers to succeed. As you all know, there is never a silver bullet when it comes to security, so these tips will only make it harder for attackers by focusing on the basics, and sometimes, that helps a lot. This post assumes you have basic knowledge such as how to crea
Publish At:2020-12-10 15:30 | Read:229 | Comments:0 | Tags:Penetration Testing Red Team Adversarial Attack Simulation S

S3 Ep8: A conversation with Katie Moussouris [Podcast]

byPaul DucklinHi, everyone – for S3 Ep8, we’ve gone live a day early to take into account the US Thanksgiving holiday on Thursday. (Followed, of course, by Black Friday, so if you’re splashing out online, please take care out there!)This week, we talk to hacker and vulnerability disclosure pioneer, Katie Moussouris. Katie Moussouris, CEO of
Publish At:2020-11-25 11:55 | Read:218 | Comments:0 | Tags:Podcast Security leadership Vulnerability @k8em0 bug bounty

The Tale of the Lost, but not Forgotten, Undocumented NetSync: Part 2

This is a continuation of The Tale of the Lost, but not Forgotten, Undocumented NetSync (part 1) and in this section, we will look to answer: What are Some Early Indicators to Detect NetSync at the Host-based Level?What are Some Possible Controls to Deter NetSync? In an accompanying blog post, Wes Lambert (@therealwlambert) steps through a packet captu
Publish At:2020-10-27 10:41 | Read:388 | Comments:0 | Tags:Active Directory Security Review Incident Response Incident

The Tale of the Lost, but not Forgotten, Undocumented NetSync: Part 1

They say, “Everything old is new again.” Or, if you are a Game of Thrones fan, “What is dead may never die.” For me, however, a mentor once told me, “Everyone is going forward. I’m going backward.” Enter NetSync… I find Twitter to be a good source for InfoSec tactics, techniques, and procedures (TTPs). An
Publish At:2020-10-27 10:41 | Read:363 | Comments:0 | Tags:Active Directory Security Review Incident Response Incident

Using Merlin agents to evade detection

IntroductionWhile penetration testing and Red Teaming are crucial to check a system’s security and to validate potential entry-points in the infrastructure, sometimes establishing an initial foothold on the target can be a big challenge due to host IDS agents, host firewalls, antivirus or even due to bypass security appliances that are inspecting inter
Publish At:2020-10-13 09:47 | Read:445 | Comments:0 | Tags:Penetration Testing

Intro to Web App Security Testing: Logging

A Brief Look at Approaches to Logging and Pitfalls to Avoid TL;DR The Logger++ extension is a great tool for recording requests and responses across all of Burp Suite. However, it is important to ensure enough log entries are retained from the tools you expect and that logs are exported if you want to keep them (my preference is automatic export to CSV
Publish At:2020-10-01 11:05 | Read:512 | Comments:0 | Tags:Application Security Assessment Penetration Testing Security

Important SQLMap commands

IntroductionThe SQLMap tool can be found in every penetration tester’s toolbox. It is one of the most popular and powerful tools when it comes to exploiting SQL injection vulnerability, which itself tops the OWASP list of Top 10 Vulnerabilities. From confirming the SQL injection vulnerability to extracting the database name, tables, columns and g
Publish At:2020-09-30 12:31 | Read:425 | Comments:0 | Tags:Penetration Testing

Azure Account Hijacking using mimikatz’s lsadump::setntlm

Not long ago, I was on an engagement where the client made use of a hybrid Office 365 environment. In their setup, authentication credentials were managed by the on-premises Active Directory (AD) Domain Controller and then synced to Azure AD via Azure AD Connect. We were tasked with gaining access to sensitive customer information. And while we were able
Publish At:2020-09-30 11:38 | Read:397 | Comments:0 | Tags:Application Security Assessment Penetration Testing Security

Setting the ‘Referer’ Header Using JavaScript

Or, “I’m Sorry, You Said You’re from Where Again?” In a prior webinar on creating weaponized Cross-Site Scripting (XSS) payloads, I mentioned that XSS payloads (written in JavaScript) could not change the HTTP Referer header. Malicious requests made through an XSS payload will often have an unexpected Referer header that does not generally make sense in t
Publish At:2020-09-30 11:38 | Read:298 | Comments:0 | Tags:Application Security Assessment Mobile Security Assessment P

The Surge in Ransomware Attacks

Ransomware, a malware that is capable of encrypting the files of the user. This eventually leads to a demand for ransom in exchange for restoring the users’ data post payment. There are some vectors that allow ransomware to get the right of entry or access to a computer or server. One of the maximum common systems for delivering ransomware by using
Publish At:2020-09-18 06:00 | Read:514 | Comments:0 | Tags:Knowledge-base Penetration Testing Security Advisory how ran

Weaponizing Group Policy Objects Access

Recently, I was on an engagement where I discovered I had plaintext credentials to an account that could modify Active Directory Group Policy Objects (GPOs). This proved to be a fun challenge, as Group Policy files and properties can be bent to our will even when hacking through a straw (SOCKS only, in this case). Goal: Use Group Policy to pull down a fil
Publish At:2020-09-17 10:49 | Read:529 | Comments:0 | Tags:Penetration Testing Red Team Adversarial Attack Simulation S

Tools

Tag Cloud