Web Services and API Penetration Testing Part #2

Welcome readers to Part 2 of Web Services Penetration Testing. In this part, we will take a quick look into the various test cases, tools and method for security testing of Web Services. Black box Web Services Penetration Testing pre-requisite: -> Web Service Description Language (WSDL) file Grey box Web Services Penetration Testing pre-requisite: -> […]

Tabnabbing – An art of phishing

This blog is about a technique used by attackers to perform phishing attack by using the Tabnabbing. Although, this was technique was invented long time ago, but there are very few articles on this. Hence, I thought to write something on this topic. What is tabnabbing?p Tabnabbing is a client side attack web based attack. […]

Intercepting thick clients sans domain: Thick Client Penetration Testing – Part 5

For carrying out penetration testing assessments, our main aim has been to resolve the actual domain to the loopback IP address, by adding an entry to the hosts file. Let us know consider a situation where the thick Client application does not send the request to a domain or a host name, then what happens? […]

Dark Web: Accessing the hidden content Part #2

Using I2P to access the dark web – Part #2 I2P Intro: According to Wikipedia, The Invisible Internet Project (I2P) is an anonymous network layer that allows for  peer to peer communication via encrypting the user’s traffic and sending it through a volunteer-run network of roughly 55,000 computers distributed around the world. The software that implements this layer is called […]

Dark Web: Accessing the hidden content Part- 1

  Curiosity towards hidden and unknown things is natural to people. For the general folks, Internet is existence of websites indexed via popular search engines like Google, however the Deep Dark web is beyond the traditional search engines which are hidden and inaccessible through standard web browsers. It is an interesting fact to know that […]

Fileless malware- the ninja technique to spread malwares using default os tools

What are fileless malwares? Fileless malware are not typical malwares that probe directly or indirectly to install software on a victim’s machine and then execute. Instead, tools that are built-in to Windows are hijacked and used to carry out attacks. Why is it more dangerous? Due to the usage of only default windows tools, no […]

Gain Root without Password- macOS Sierra

A critical vulnerability has been discovered in macOS High Sierra allowing any user to get root access on a mac system without any passwords. In order to perform this, you just need to type “root” into the username field, leave the password blank, and hit the Enter a few times ( two or more) and […]

Reverse Engineering 101 – With Crack-mes

Reverse Engineering is an fascinating art of playing with low level code. In this article, we will see a hands-on tutorial for patching an exe file to accept any serial key! Tool for use: ● Ollydbg (http://www.ollydbg.de/) ● A crack-me for demonstration. You can download loads of crack-mes for hands-on practice from http://crackmes.de/ A crack-me […]

Automating Web Apps Input fuzzing via Burp Macros

Hi Readers, This article is about Burp Suite Macros which helps us in automating efforts of manual input payload fuzzing. While it may be known to many testers, this article is written for those who are yet to harness the power of burp suite’s macro automation. In my penetration testing career so far, while performing […]

OWASP Top 10 : Cross-Site Scripting #3 Bad JavaScript Imports

This blog covers Cross-Site Scripting (XSS) vulnerability from a different perspective. Generally, XSS is when the application takes user supplied JavaScript and displays it without escaping/encoding. In this blog, we will see how can XSS be exploited even if the application properly escapes/encodes the user inputted JavaScript using different methods. Exploiting XSS in this way can […]