Channel: IMQ Minded Security Blog
Browsing all 83 articles


Exploiting CVE-2011-2461 on google.com

As a follow-up to our Troopers 2015 presentation about CVE-2011-2461, we want to release more details about a real-world exploitation scenario targeting Google services. During our large-scale analysis...



How to prevent Path Traversal in .NET

Introduction: A well-known, never out of fashion and high-impact vulnerability is the Path Traversal. This technique is also known as the dot-dot-slash attack (../) or as directory traversal, and it...




A practical guide to testing the security of Amazon Web Services (Part 3: AWS...

This is the last part of our 3-post journey discussing the main Amazon Web Services and their security. In the previous two parts we discussed two of the most used Amazon services, namely AWS S3 and...



How to Path Traversal with Burp Community Suite

Introduction: A well-known, never out of fashion and high-impact vulnerability is the Path Traversal. This technique is also known as the dot-dot-slash attack (../) or as directory traversal, and it...



OWASP SAMM v2: lessons learned after 9 years of assessment

OWASP SAMM v2 is out! OWASP SAMM (Software Assurance Maturity Model) is the OWASP framework to help organizations assess, formulate, and implement, through our self-assessment model, a strategy for...




Remote Working - Web Chats: Threats and countermeasures

Introduction: With recent worldwide events, a sharply increasing number of companies are offering remote services to their customers. Even traditional businesses are implementing new features or pushing...



Behave! A monitoring browser extension for pages acting as "bad boi".

Browsing: What Could Go Wrong? There's so much literature about client side attacks, but most of the focus is usually about classical malware attacks, exploiting software vulnerabilities. Malicious...


Implementing Secure Biometric Authentication on Mobile Applications

Nowadays, almost every mobile device has a biometric sensor that allows developers to implement local authentication and also store sensitive data securely through dedicated APIs. Biometric...




Mobile Screenshot prevention Cheat Sheet - Risks and Scenarios

Mobile Screenshot Prevention Cheat Sheet - Risks and Scenarios: The following article will try to analyze and explain risks and attack scenarios affecting mobile applications without any implemented...




WAF Journey - Fixing Telerik UI Remote Code Execution via Arbitrary File Upload

Introduction: It might occur that companies discover vulnerabilities on web application assets that were acquired from third party vendors. What happens if the asset is no longer supported/licensed and...



Demystifying Web Cache Threats

Authors: Alessandro Brucato, Giorgio Rando. Introduction: Did you know the word “Cache” comes from French and means “Hidden”? If we transpose it to IT we can see why it has been named as such: it is because of...



A Journey Into the Beauty of DNSRebinding - Part 1

Authors: Giovanni Guido, Alessandro Braccio. Abstract: In this first blog post about the DNS rebinding topic, we are going to show a practical example of a DNS Rebinding attack against UPnP services exposed in a...



Mobile Screenshot Prevention Cheatsheet - Testing and Fixing





A Journey Into the Beauty of DNSRebinding - Part 2

Abstract: In the first part, after a quick overview of the DNS Rebinding technique, we considered a practical example in which UPnP services were exploited to perform NAT Injection attacks and,...



The Worst Log Injection. Ever. (Log4j [2.0.0-alpha,2.14.1] )

There has been such a hype about the Log4j issue, and since IMQ Minded Security's mission has always been about fixing, this informal post is about what's going on, how to check if someone's system is...




UN ECE 155 Threats in the real world: Wireless Networking Attacks and...

On March 31st, I gave a quick talk on automotive security at VTM titled "UN ECE 155 Threats in the real world: Wireless Networking Attacks and Mitigations. A case study" (slides here). The idea was...



OWASP Global AppSec Dublin 2023: WorldWide and Threat Modeling

The OWASP Global AppSec Dublin 2023 conference was a truly inspiring event for anyone involved in application security. As an attendee, I was able to catch up with OWASP colleagues and hear from...




20 years of Software Security: threats and defense strategies evolution

Software security has come a long way in the past two decades. With the advent of new technologies and a rapidly evolving threat landscape, defending against cyber attacks has become more challenging...



A Cool New Project: Semgrep Rules for Android Apps Security

In today's digital landscape, mobile application security has become a paramount concern. With the increasing number of threats targeting Android applications and the personal data they store, developers...



Semgrep Rules for Android Application Security

Introduction: The number of Android applications has been growing rapidly in recent years. In 2022, there were over 3.55 million Android apps available in the Google Play Store, and this number is...
