Stored DOM Based Cross Site Scripting
Since the very first release of DOMinatorPro, there is a little 'S' button in the bottom right corner. Q: What does it mean? A: First of all, I'd say, it actually means that there's another feature that...
DOM XSS on Google Plus One Button
Introduction. DOMinatorPro can be very useful to find DOM Based XSS on complex JavaScript web applications. This post will describe a Cross Origin Resource Sharing (CORS) abuse exploiting a flaw in the...
DOMinatorPro Fuzzer finds a DOM XSS on Google.com
Introduction a.k.a. tl;dr: A quite simple DOM Based XSS was found in the https://www.google.com/ context using DOMinatorPro. What I think is interesting here is to show how DOMinatorPro works in this real...
Real Life Vulnerabilities Statistics: an overview
From time to time, it is useful for a consulting company like ours to stop, look back and think about what has been done in the last few years. This is important because: the company can identify the...
"jQuery Migrate" is a Sink, too?!
or How "jQuery Migrate" un-fixes a nasty DOMXSS without telling us. Foreword: Today Mario Heiderich of Cure53 tweeted the following message: "@0x6D6172696F Does anyone know why jquery.com has a special...
DOMinatorPro with Martin Hall at London Tester Gathering Workshops 2013
Martin Hall will give a talk "Bug Hunting for Fun and Profit" at the London Tester Gathering Workshops 2013. http://skillsmatter.com/event/agile-scrum/ltg-workshops During his presentation Martin will...
Financial Cyber-Threat Briefing
“Planning for Attack-Resilient Web Applications”. On 11th July 2014 in London, Minded Security, the Software Security Company, will present an overview of the most common and latest attack vectors...
Linkedin.com fixes a High Risk Vulnerability inside its Javascript Code
Linkedin.com security team released a patch after receiving our DOMinatorPro Enterprise analysis report. DOMinatorPro Enterprise is very clever in finding exploitable JavaScript security issues on...
Public release of the OWASP TESTING GUIDE v4
17th September, 2014: OWASP is announcing the new OWASP Testing Guide v4. The OWASP Testing Guide includes a "best practice" penetration testing framework which users can implement in their own...
Comparing DOM based XSS Identification Tools on a Real World Vulnerability
Due to the lack of literature on DOM Based XSS identification tools, we decided to write a paper that takes the tools claimed to be able to identify DOM Based XSS and test...
iOS Masque Attack Demystified
The Masque Attack, recently discovered by FireEye security researchers, sets a new level of warning for iOS users. This is a dangerous attack that also threatens non-jailbroken Apple iOS devices both on...
The old is new, again. CVE-2011-2461 is back!
On March 19th @ Troopers 2015, Luca Carettoni and I (Mauro Gentile) presented an in-depth study on a very fascinating bug affecting old versions of Adobe Flex SDK. For the sake of precision, this is a...
SSL MiTM attack in AFNetworking 2.5.1 - Do NOT use it in production!
During a recent mobile application security analysis for one of our clients, we identified a quite unobvious behaviour in apps that use the AFNetworking library. It turned out that because of a logic...
Exploiting CVE-2011-2461 on google.com
As a follow up of our Troopers 2015 presentation about CVE-2011-2461 we want to release more details about a real world exploitation scenario targeting Google services. During our large-scale analysis...
Beyond Superfish: a Journey on SSL MitM in the Wild
Recently Lenovo hit the news because they got caught installing adware on their laptops, namely Superfish, which, amongst other features, also performs SSL MitM on the infected computer. Unfortunately,...
Antitamper Mobile - Minded Security's Magik Quadrant for Mobile Code Protection
Minded Security's Magik Quadrant for Mobile Code Protection shows you our evaluation of the top vendors in this market, based on our research and experience. Magik Quadrant: Why care about Code...
Multiple security issues discovered in Concrete5 - Part 1
About a month ago we performed a Secure Code Review of Concrete5 version 5.7.3.1, the latest stable release at that time, and discovered multiple security issues within it. In particular we found the...
PDF-based polyglots through SVG images (CVE-2015-5092)
Many vulnerabilities in Adobe Reader were recently patched in APSB15-15; the security update addresses a vulnerability (CVE-2015-5092) that we responsibly reported to Adobe PSIRT in April 2015. The...
Autoloaded File Inclusion in Magento SOAP API (SUPEE-6482)
This past February we reported an interesting and quite overlooked kind of vulnerability in the Magento web e-commerce platform. The vulnerability might allow an authenticated attacker to execute...