Today we start with a new series of blog posts, namely, active directory components. In this three part series on Kerberos, we’ll be talking about it’s three heads: Part 1: What Kerberos is and how it works? Part 2: The notorious techniques of kerberoasting and ticketing attacks (golden and silver ...
Before we travel through the Secure code review in SDLC phase. Let us first understand what is Secure Coding, why it should be the part of early phase of SDLC, importance and best practices, available tools. Security Code Review: A secure code review is a part of the code review ...
Hello everyone, in this final installation of the OAuth blog series, we’ll be covering two vulnerabilities in the OAuth implementation. If you haven’t checked out the previous parts you can check out part one here and part two here. Before we get started, a big thanks to PortSwigger and their ...
Zero-Trust is an up and coming security concept which says a simple thing: “Continuously validate all users, against set security configurations, before they are being granted permissions or are allowed to keep their existing access to resources & information”. This architecture assumes there is no implicit trust granted to assets ...
Continuing our previous post, where we discussed the basics of how OAuth 2.0 authentication worked, some known issues which arise due to either lack of understanding of the framework itself, or poor configuration of the same. In this blog, we’ll talk a little bit in detail of the vulnerabilities we ...
Apart from general penetration tests, timely vulnerability management and hardened network access controls, one other method to protect your devices as well as getting them compliant to industry standards is configuration audit. In this blog post we will cover what exactly is a configuration audit, why it is important, the ...
At least once till date, you must’ve come across sites that let you log in using your social media account [Facebook, LinkedIn, Google & various such platforms] The chances are that this feature is built using the well known OAuth 2.0 framework. This framework is liked by Pentesters because it ...
Hello everyone, we are all aware about Linux systems, its .bash_history and how it provides information about file locations, passwords passed in command arguments, a variety of scripts and so on. But did you know, something similar to it now also exists in PowerShell? That’s precisely what I will be ...
Hello everyone, A little over a week ago, we discussed about how we can leverage the saved state of deleted file left in the recycle bin and grab it for content in a data exfiltration scenario. You can read more about it here. Today, I want to share with you yet ...
Hello everyone. Today, I want to share with you another data exfiltration possibility. The last time, we discussed about how we can leverage the saved state of “temporary” files created by modern day editors, you can read about it here, if you haven’t already, do check it out! Just last ...