Today we would like to talk about Burp Suite Professional and extensions again. In this blog post we explain how we can teach Burp Suite to handle a custom Transport Encoding that is spoken between an HTTP client and a server by using Burp extensions.
Today we would like to announce the release of an updated BurpSuite extension in the BApp store.
"Delete early, delete often" ist das leicht abgewandelte Motto, dass daran erinnert, Datenlecks durch verlorene oder gestohlene USB-Sticks mittels regelmäßigem Löschen zu minimieren. Sind Sie es leid, beim Formatieren eines USB-Sticks auf Ihrem lokalen Computer darauf zu achten, nicht versehentlich das falsche Gerät zu löschen? Um den Vorgang zu vereinfachen, haben wir eine USB-Löschstation als Software auf einem Raspberry Pi implementiert. Die Software wartet drauf, dass ein USB-Stick angeschlossen wird. Der wird dann bereinigt. Also: shreddy, ready, go!
The password reset function of AWS Cognito allows attackers to change the account password if a six-digit number (reset code) sent out by E-mail is correctly entered. By using concurrent HTTP request techniques, it was shown that an attacker can do more guesses on this number than mentioned in the AWS documentation (1587 instead of 20). If the attack succeeds and the attacked accounts do not have multi-factor authentication enabled, a full take-over of the attacked AWS Cognito user accounts would have been possible. The issue was fixed by AWS on 2021-04-20.
Why bother investing time to automate work when doing IT security testing? On one hand, manual testing is a tedious work, where you spend time doing vulnerability tests that could be done by a machine. On the other hand, letting a machine decide fully on its own on how to do tests will mostly result in the machine doing nothing useful. This is especially true for security testing, where manually checking every parameter for injection attacks is very laborious and automated security scanners go on scanning for hours while a human would have aborted the scan for various reasons. However, if we teach automated tools to do things correctly each time, we get the sweet middle spot of semi-automated security testing, where the tools do the automatic and systematic security tests and the analyst can focus on the parts of a security test, where the tools are likely insufficient.
Burp Suite Pro is one of the main tools to do all kind of HTTP related security analysis and that supports a semi-automated testing. But now and then it lacks certain features. Burp extensions can again add some of them. In this post we would like to show how to use one of the most powerful extensions, Hackvertor by Gareth Hayes and its relatively new feature of Python scripting.
Christian Folin vom Swiss Cyber Storm lud den freiberuflichen Bug-Bounty-Jäger Raphaël Arrouas und den IT-Sicherheitsanalysten Tobias Ospelt von der Pentagrid AG zu einem Interview über Vor- und Nachteile von Penetrationstests und Bug-Bounty-Programmen ein. Das Interview fand im Rahmen des Formats "SCS in a nutshell" statt. Während beide Ansätze valide Methoden für das Testen auf Sicherheitsproblemen sind, unterscheiden sie sich auch in vielen Aspekten.
How to stop Portswigger's Burp Proxy's built-in Chromium browser to leak information to Google's Safe Browsing during a web application penetration test?
In 2019 we looked at various products that are used by our customers. This post mentions two rather low hanging fruits that might be still important if the software is used due to their potential impact. These vulnerabilities affect TeamPasswordManager and Combodo iTop.
Pentagrid has been asked to manage the coordinated disclosure process for a vulnerability that affects several Windows printer drivers for a wide range of printers by the printer manufacture Ricoh. Due to improperly set file permissions of file system entries that are installed when a printer is added to a Windows system, any local user is able to overwrite program library files (DLLs) with own code.
This blog post is about Docker images for a very specific fuzzer and its sister projects, the American Fuzzy Lop (AFL). If you need a short introduction to the idea of fuzzing or you want to find general information for AFL, check out our last blog post "Fuzzing Java with JQF" (that will then go on and explain how to fuzz Java code) which has pointers to other ressources on the web.