SANS Penetration Testing: Author - eskoudis

Getting MOAR Value out of PHP Local File Include Vulnerabilities

By Jeff McJunkin Wouldn't web application penetration testing be easier if you could look at the source code? Well, when looking to expand my web apppentesting skills, my good friend and co-worker, Josh Wright, mentioned a specific new twist for Local File Include vulnerabilities on PHP-based web servers: PHP wrappers. PHP wrappers allowus to make … Continue reading Getting MOAR Value out of PHP Local File Include Vulnerabilities


Mount a Raspberry Pi File System Image

By Josh Wright Yesterday, I started my yearly Epic Desk Cleanout. This annual ritual is more about holding up a trash can and sweeping everything into it. I really clean, which includes cataloging all the random SD cards I've collected throughout the year. For SD cards, I'll typically dd the contents of the drive to … Continue reading Mount a Raspberry Pi File System Image


Mining Meteor

By Tim Medin SANS Instructor & Counter Hack Engineer Meteor is a game-changing framework for rapid software development and is the top-rated web framework on Github. Meteor offers a number of benefits including offering real-time applications by default. With its greatbenefits, we are likely to see more Meteor applications... ...And you should know how to … Continue reading Mining Meteor


Ghost in the Droid: Reverse Engineering Android Apps

By Joshua Wright For the past few years I've been invited to speak at the SANS HackFest conference. This is a great opportunity for me to present new research and useful pen testing techniques to a hungry audience. It's also a highly competitive event among speakers. Each year my stuff needs to be bigger and … Continue reading Ghost in the Droid: Reverse Engineering Android Apps


Azure 0day Cross-Site Scripting with Sandbox Escape

[Editor's Note: Chris Dale is an amazing gentleman. He finds Cross-Site Scripting (XSS) flaws in the most interesting and wonderful places. In this article, Chrisshares some insights into his methods and how he applied them in finding a zero-day XSS flaw associated with Microsoft Asure. Good reading! -Ed.] By Chris Dale Earlier in 2016, I … Continue reading Azure 0day Cross-Site Scripting with Sandbox Escape