Often, when we hear about Java serialization, we find resources or challenges that only talk about generating and executing ysoserial payloads.
In some situations, this can work. However, as soon as a customer is aware of this possibility, rather than using a more secure format, they generally prefer to use a library such as notsoserial which prevents the deserialization of unauthorized classes.
In the space of 5 years, the number of Denial of Service (DoS) attacks has almost doubled. The result is the paralysis of tens of millions of web platforms and the loss of thousands or even millions of euros by victim organisations.
Companies such as Amazon and GitHub have already been affected by this type of attack. One of the best-known attacks is MIRAI, which used a botnet of nearly 100,000 hijacked machines to make Dyn’s services unavailable in 2016.
During a penetration test, we generally consider 3 test conditions: black, grey or white box.
These test conditions correspond to the levels of information provided to the pentesters in order to carry out a pentest on a specific target. While a white box pentest will consist of providing as much information as possible, during a black box penetration test, the pentesters will have no data on the test target.
When pentesting a web application, an API or an internal network, there are generally 3 approaches: black box, grey box and white box testing.
These approaches or test conditions correspond to different levels of information provided to the pentesters to identify potential vulnerabilities and weaknesses that could compromise the integrity of a target system.
Antivirus, anti-malware and EDR are tools commonly used to prevent attacks.
However, these solutions can be bypassed. In this article, we take a closer look at the various antivirus and EDR bypass techniques that can be implemented in a loader: a program whose aim is to execute a malicious payload on a machine by bypassing the various protections in place.
You will no doubt be familiar with phishing, which consists of sending malicious emails to encourage people to perform sensitive actions, such as entering their credentials on a fake authentication page.
Smishing is very similar, except that the attacker does not send emails, but text messages, hence the name smishing. Essentially, smishing is nothing more and nothing less than SMS phishing.
With cybersecurity risks on the rise, it is becoming more and more obvious to carry out a penetration test (pentest) to reassure customers, partners and investors.
Moreover, for companies involved in a certification process (ISO 27001, SOC2, HDS, PCI-DSS, etc.), a penetration test is an imperative. And for others, it is an essential prerequisite for satisfying the pentesting report requests of their customers and prospects.
Passwords are still the most common way of authenticating a user. However, setting up a password management system that is both simple and secure can sometimes be tricky.
Indeed, the password reset feature is an interesting target for an attacker, as it can facilitate the theft of user accounts if poorly implemented.
Burp is an essential offensive security tool. It is used by a majority of professionals (including us pentesters) and is dedicated mainly to pentesting web applications.
In this article, we’ll take a look at Burp Suite’s main features and key extensions.
APIs are prime targets for attackers because of their exposure and critical nature, particularly in terms of handling sensitive data. To minimise the risk of security breaches, it is essential to implement robust security measures, understand the types of attack and assess their potential impact.
There are several ways of assessing the security of an API. In this article, we present the “offensive” approach, which we believe to be the most effective: API penetration testing (or API pentesting). We detail the principles and objectives, as well as use cases for black box, grey box and white box pentesting.
Mobile applications are increasingly used in all areas of business: HR, finance, insurance, transport, and so on. As a result, they are prime targets for attackers.
There are several ways of assessing the security of a mobile application. In this article, we present the “offensive” approach, which we believe to be the most effective: mobile penetration testing (or mobile pentesting). We detail the principles, objectives, methodology and features tested during mobile application penetration testing.
Security misconfiguration is a worrying problem, occupying fifth place in the OWASP Top 10. In fact, we frequently encounter many vulnerabilities of this type during our web application penetration tests. Furthermore, this security issue affects a large number of web applications (90% according to OWASP).
In this article, we present this type of vulnerability through the prism of the OWASP Top 10, using attack scenarios. We also detail the best practices and measures to be implemented to protect against them.
Third-party components are omnipresent in web applications. Libraries, frameworks and other system components are used more and more, because they reduce costs and make development easier.
However, like any system, these third-party components may contain vulnerabilities that can be exploited in attacks on web applications. Furthermore, exploits that are discovered, and often made public, can have a snowball effect, compromising an entire web application, servers, database systems, etc.