Various subdomain enumeration techniques are used to identify the attack surface of a domain or organisation.
The aim is to obtain as complete a list as possible of all the subdomains associated with the targeted domain.
At Vaadata, we carry out this type of enumeration almost systematically during our audits. This is done as part of a global reconnaissance phase, in order to provide our clients with an overview of the subdomains and servers exposed.
Kerberos is an authentication protocol used in a Microsoft Active Directory context. The lack of knowledge about how it works can lead to the introduction of vulnerabilities that can be exploited by an attacker.
In this article, we will explain the principle and operation of the Kerberos authentication protocol.
Cloudflare has established itself as a key player on the web in recent years, offering not only CDN services, but also protection against various attacks. However, for these protections to be fully effective, it is essential that the server is correctly configured.
Indeed, it is crucial to prevent attackers from gaining direct access to the servers hosting web applications. To do this, users must use Cloudflare, which will redirect traffic to the server according to the specific rules defined by the client.
Command injections are one of the most critical vulnerabilities in web security. They occur when an attacker manages to execute arbitrary system commands on the web server. This type of attack can result in the leakage of sensitive data, data corruption or complete control of the target environment.
In this article, we explore the principles and methods of command injection exploitation. We also present the security best practices and measures to implement to prevent these attacks.
Pre-Account Takeover is a type of attack that we very often carry out during our audits. Although it is only possible in very specific situations, the possibilities for malicious exploitation are becoming increasingly common, with potentially serious consequences for data security.
In this article, we present how a Pre-Account Takeover attack works. We will also look at the specifics of the attack, using a concrete example, as well as security best practices for countering the risk.
Security vulnerabilities are a major risk for modern web applications, potentially exposing sensitive user data and corporate infrastructures to malicious attacks.
One of the most feared vulnerabilities is Remote File Inclusion (RFI). This attack technique enables an attacker to inject and execute arbitrary code hosted on a remote server.
Whatever the web application, it is common practice to allow users to change their email address. This functionality is critical because it has a direct impact on account management. Furthermore, the email address is often used as an identifier for authentication. It is therefore essential to secure this functionality.
There are several different situations. In some cases, the application allows users to change their own email address. In other cases, an administrator can change users’ email addresses. Sometimes, both options are possible.
IoT security is a key issue for organisations. In all sectors and areas of activity (healthcare, industry, services, transport, energy, etc.), the IoT brings development and growth.
There are currently an estimated 15 billion IoT objects in use worldwide. This number could double by 2030. However, this proliferation of connected objects brings with it new challenges, particularly in terms of security.
With cyberattacks on the rise, carrying out an IT security audit has never been a higher priority for businesses.
Web applications, mobile apps, APIs, cloud infrastructures, connected objects, networks and people – nothing is spared. As a result, security audits have become an essential tool for all types of business. Whether technical audits, organisational security audits or compliance audits, there are numerous solutions for securing an information system and countering risks.
Prototype pollution vulnerabilities are specific to JavaScript. They can be exploited on both the server and client sides. These vulnerabilities allow attackers to execute malicious code or steal data.
It is therefore crucial to understand and address these vulnerabilities. This article details the principles of prototype pollution vulnerabilities, server-side and client-side exploits, as well as the measures to implement to counter these attacks.