Automating Pentests for Applications with Integrity Checks using Burp Suite Custom Extension

March 17, 2020

During one of our recent web application penetration testing assignments, @realsanjay encountered a scenario where the application employed an integrity check on HTTP request content. The integrity check was maintained using a custom HTTP header that stored the HMAC of HTTP request content based on session-specific CSRF tokens. Any modification…

Hacking AWS Cognito Misconfigurations

February 17, 2020

In this blog, Sunil Yadav, our lead trainer for the “Advanced Web Hacking” training class, will discuss a case study of AWS account takeover via misconfigured AWS Cognito. TL;DR: The application under test only had a login page and no sign-up feature exposed. The target application uses the AWS Cognito JavaScript SDK…

Cloud Services Enumeration – AWS, Azure and GCP

October 28, 2019

TL;DR: We have built cloud enumeration scripts, now available at https://github.com/NotSoSecure/cloud-service-enum/. These scripts allow pentesters to validate which cloud tokens (API keys, OAuth tokens and more) can access which cloud services. As cloud environments become increasingly popular, we are seeing a rise in cloud environment usage in production. From…

Identifying & Exploiting Leaked Azure Storage Keys

October 3, 2019

In this blog, Sunil Yadav, our lead trainer for the “Advanced Web Hacking” training class, will discuss a case study of remote code execution via Azure Storage when the Azure Function deployment is configured to run from a Storage Account using the WEBSITE_CONTENTSHARE app setting. TL;DR: Access the leaked Storage Account’s Access Key. Connect…

Achieving DevSecOps using AWS Cloud Native Services

July 3, 2019

In our previous article, Achieving DevSecOps using Open-Source Tools, we explored what “DevSecOps” really means and how it can be achieved using simple open-source tools integrated into an existing DevOps pipeline orchestrated with Jenkins and deployed on Docker in an ad hoc on-premises architecture. In this article, Rohit Salecha and…