How a Simple Test Brought Down a Server You sanitized your input fields for XSS? You might have opened a new door for attackers… Imagine this: You’re a developer at your company. After a penetration test, several issues were found in your app, some input fields have no limits on length or content. This leaves […]
Sandwich Attacks: From Reset Password to Account Takeover
Once Upon a Password Reset… You’ve just forgotten your password for a website. No big deal, you click “Forgot Password,” they send you a link, and you reset it. At the time the feature was designed, it was decided that this reset link would include a UUID token. The reasoning seemed sound—since UUIDs are unique, […]
Firestore Database – Black Box Security Testing Guide – Go Beyond *.firebaseio.com/.json
Incentives Firestore security is an important topic for modern applications. Its wide usage and serverless architecture may cause security issues in the areas such as authentication, authorization, and data exposure. Especially they are exposed to data leakages, which may be caused by a non-serveless design approach. In a world of multi-tier applications, using a backend […]
A Guide For Advanced Message Protected API Hacking Using Hackvertor and Burp (Part #2)
More up-to-date Hackvertor game-changer techniques, code examples, and tips for advanced penetration testing and bug bounty. Intro Hackvertor is a Burp extension that programmatically extends Burp capabilities, by allowing you to embed neat code logic directly into HTTP requests sent/proxies by Burp and its extensions. Similar to Postman pre-request scripts. Here, I will try to […]
Advanced Testing Of Web Application With Custom Message Signing Using Hackvertor (Part #1)
Introduction Many of us have probably been faced with testing an application with custom HTTP request authentication or message signing. The requests from these applications can be proxied but they have built-in replay protection mechanisms in some form. As such, it isn’t possible to resend these requests outside of the application therefore making all external […]