In today’s development landscape among our customers, it’s rare to encounter production PHP code. However, when we do, the story is always the same. Typically, such code is riddled with numerous high and critical-level vulnerabilities. Reviewing and testing this kind of code feels like being transported back in time — about 20 years — when […]
Still Using SSRF to Take Over Cloud Deployments Once Again
How Server-Side Request Forgery Can Lead to Full Cloud Compromise – and What You Can Do About It Introduction Server-Side Request Forgery (SSRF) is a powerful exploit that enables attackers to trick a vulnerable server into making arbitrary HTTP requests on their behalf. While some view SSRF as merely a method to force the server […]
ReDoS
How a Simple Test Brought Down a Server You sanitized your input fields for XSS? You might have opened a new door for attackers… Imagine this: You’re a developer at your company. After a penetration test, several issues were found in your app, some input fields have no limits on length or content. This leaves […]
Hacking Android Apps Through Exposed Components
by Tal Melamed In almost every Android application, developers expose activities without sufficient protections. Exposing activities can lead to various attacks. For example, an attacker or a malicious app installed on the same device, can call those exposed activities to invoke internal pages of the application. Calling internal pages puts the application at risk of […]
Cryptography as a Solution – Using Advanced Techniques for Data Protection
Introduction to Data Protection In the world of information security it is highly advised to implement security solutions in layers. Solutions such as authentication, authorization, input validation and others help us maintain order and security when dealing with access to data. It is important to note that these techniques do not help with the data […]
Secure Development Lifecycle for Open Source Usage
Secure Development Lifecycle for Open Source Usage by Yaron Hakon Preface How do we adjust the SDL (Security Development Lifecycle) process for the growing use of open source in internal/external systems we develop and maintain? This is a question I hear a lot lately from our customers in some recent SDL projects we […]
Sandwich Attacks: From Reset Password to Account Takeover
Once Upon a Password Reset… You’ve just forgotten your password for a website. No big deal, you click “Forgot Password,” they send you a link, and you reset it. At the time the feature was designed, it was decided that this reset link would include a UUID token. The reasoning seemed sound—since UUIDs are unique, […]
Firestore White Box Security Review Checklist
Introduction Securing your application’s Firestore database is crucial for protecting sensitive data and maintaining user trust. Google Firestore, a scalable NoSQL cloud database, offers robust features for real-time data management, but securing it against threats requires careful attention. This article is designed to help developers and security professionals assess and strengthen their Firestore implementations. A […]
Firestore Database – Black Box Security Testing Guide – Go Beyond *.firebaseio.com/.json
Incentives Firestore security is an important topic for modern applications. Its wide usage and serverless architecture may cause security issues in the areas such as authentication, authorization, and data exposure. Especially they are exposed to data leakages, which may be caused by a non-serveless design approach. In a world of multi-tier applications, using a backend […]
A Guide For Advanced Message Protected API Hacking Using Hackvertor and Burp (Part #2)
More up-to-date Hackvertor game-changer techniques, code examples, and tips for advanced penetration testing and bug bounty. Intro Hackvertor is a Burp extension that programmatically extends Burp capabilities, by allowing you to embed neat code logic directly into HTTP requests sent/proxies by Burp and its extensions. Similar to Postman pre-request scripts. Here, I will try to […]