Recent Posts

Exploiting VLAN Double Tagging

April 17, 2020

We have all heard about VLAN double tagging attacks for a long time now. There have been many references, and even a single-packet proof of concept for the VLAN double tagging attack, but none of them showcases a weaponized attack. In this blog Amish Patadiya will use VLAN double tagging


Automating Pentests for Applications with Integrity Checks using Burp Suite Custom Extension

March 17, 2020

During one of our recent web application penetration testing assignments, @realsanjay encountered a scenario where the application employed an integrity check on HTTP request content. The integrity check was maintained using a custom HTTP header that stored the HMAC of HTTP request content based on session-specific CSRF tokens. Any modification


Hacking AWS Cognito Misconfigurations

February 17, 2020

In this blog, Sunil Yadav, our lead trainer for “Advanced Web Hacking” training class, will discuss a case study of AWS account takeover via misconfigured AWS Cognito. TL;DR The application under test only had a login page and no sign up feature exposed. Target application uses AWS Cognito JavaScript SDK


Cloud Services Enumeration – AWS, Azure and GCP

October 28, 2019

TL;DR: We have built cloud enumeration scripts now available @ https://github.com/NotSoSecure/cloud-service-enum/. This script allows pentesters to validate which cloud tokens (API keys, OAuth tokens and more) can access which cloud service. As cloud environments are becoming increasingly popular, we are seeing a rise in cloud environment usage in production. From


Identifying & Exploiting Leaked Azure Storage Keys

October 3, 2019

In this blog, Sunil Yadav, our lead trainer for “Advanced Web Hacking” training class, will discuss a case study of Remote code execution via Azure Storage when the Azure Function deployment is configured to run from Storage Account using WEBSITE_CONTENTSHARE app setting. TL;DR Access Leaked Storage Account’s Access Key Connect
