
SQL injections are well-known and widely documented vulnerabilities. They exploit flaws in relational databases to manipulate or extract sensitive data.
With the rapid growth of modern web applications, NoSQL databases have gained in popularity, offering greater flexibility and scalability than their SQL counterparts.
Denial of Service (DoS) attacks are among the most common attacks on the web. There are many variants. One of them, which is particularly easy to exploit and inexpensive in terms of resources, deserves our attention: Slow HTTP attacks.
In this article, we will explain how a Slow HTTP attack works. We will also look at the main types of attack and the security best practices to prevent them.
When a client accesses a website, it communicates with the server through the HTTP protocol. Initially text-based, this protocol became binary with HTTP/2, but its operation is still based on TCP.
Each exchange begins with the creation of a connection between the client and the server. With HTTP/1.0, this connection was closed after each request. But with HTTP/1.1, the Keep-Alive mode became the norm, allowing the connection to be kept open for several successive exchanges.
WebSocket is a real-time bidirectional communication protocol designed for efficient data exchange between a client (web browser, application) and a server.
Unlike traditional HTTP requests, which require a new connection to be opened for each exchange, WebSocket establishes a persistent connection. Once activated, it enables both parties to transmit messages continuously, without interruption.
Clickjacking is a discreet but formidable attack technique. It exploits the user interface to trick victims into interacting with invisible or disguised elements.
A simple click can thus lead to unwanted actions: modification of settings, account theft, or execution of a malicious script.
Phishing remains one of the most formidable and widely used techniques in cyber attacks.
Exploiting human weakness, this method consists of tricking victims into divulging sensitive information, such as credentials, or performing compromising actions, such as clicking on malicious links.
Content Security Policy (CSP) is an essential security measure for protecting web applications against certain types of attack. By defining strict rules on the resources that a browser can load, a CSP limits potential attack vectors.
However, a poorly configured Content Security Policy can be bypassed, leaving the application vulnerable.
Object injection is an application vulnerability that occurs when an application deserializes untrusted data.
If an attacker manages to inject a malicious object, they can exploit its properties to execute arbitrary code, steal data, modify the application's behaviour or manipulate files remotely. In other words, this vulnerability can lead to a total compromise of the targeted system.
Blind SQL Injections are a category of SQL injection. Unlike traditional SQL injections, they do not directly provide the results of queries or detailed error messages.
The attacker must therefore rely on indirect clues, such as changes in the application’s behaviour or variations in response times, to exploit the vulnerability.
Kerberoasting is a common attack in Active Directory environments. It is based on a weakness in the Kerberos protocol, but its exploitation requires specific configurations.
In this article, we will explain how a kerberoasting attack works. We will also look at how to identify and exploit a vulnerable environment, as well as methods for protecting against it.