In today’s development landscape, it’s rare to encounter production PHP code among our customers. However, when we do, the story is always the same: such code is typically riddled with numerous high- and critical-severity vulnerabilities. Reviewing and testing this kind of code feels like being transported back in time — about 20 years — when […]
Still Using SSRF to Take Over Cloud Deployments Once Again
How Server-Side Request Forgery Can Lead to Full Cloud Compromise – and What You Can Do About It
Introduction Server-Side Request Forgery (SSRF) is a powerful exploit that enables attackers to trick a vulnerable server into making arbitrary HTTP requests on their behalf. While some view SSRF as merely a method to force the server […]
Firestore White Box Security Review Checklist
Introduction Securing your application’s Firestore database is crucial for protecting sensitive data and maintaining user trust. Google Firestore, a scalable NoSQL cloud database, offers robust features for real-time data management, but securing it against threats requires careful attention. This article is designed to help developers and security professionals assess and strengthen their Firestore implementations. A […]
Firestore Database – Black Box Security Testing Guide – Go Beyond *.firebaseio.com/.json
Incentives Firestore security is an important topic for modern applications. Its wide usage and serverless architecture may cause security issues in areas such as authentication, authorization, and data exposure. In particular, Firestore deployments are exposed to data leakage, which may be caused by a non-serverless design approach. In a world of multi-tier applications, using a backend […]
A Guide For Advanced Message Protected API Hacking Using Hackvertor and Burp (Part #2)
More up-to-date Hackvertor game-changer techniques, code examples, and tips for advanced penetration testing and bug bounty. Intro Hackvertor is a Burp extension that programmatically extends Burp’s capabilities by allowing you to embed code logic directly into HTTP requests sent or proxied by Burp and its extensions, similar to Postman pre-request scripts. Here, I will try to […]
Advanced Testing Of Web Application With Custom Message Signing Using Hackvertor (Part #1)
Introduction Many of us have probably been faced with testing an application that uses custom HTTP request authentication or message signing. The requests from these applications can be proxied, but they have some form of built-in replay protection. As such, it isn’t possible to resend these requests outside of the application, therefore making all external […]