SANS Penetration Testing: Category - web pen testing

Azure 0day Cross-Site Scripting with Sandbox Escape

[Editor's Note: Chris Dale is an amazing gentleman. He finds Cross-Site Scripting (XSS) flaws in the most interesting and wonderful places. In this article, Chris shares some insights into his methods and how he applied them in finding a zero-day XSS flaw associated with Microsoft Azure. Good reading! -Ed.] By Chris Dale Earlier in 2016, I … Continue reading Azure 0day Cross-Site Scripting with Sandbox Escape


Pen Testing Node.js: Staying N Sync Can Make the Server Go Bye Bye Bye

By Tim Medin I recently came across a node.js server in a pen test. If you aren't familiar with node.js, Wikipedia describes it as "...an open-source, cross-platform runtime environment for developing server-side web applications. Node.js applications are written in JavaScript and can be run within the Node.js runtime on a wide variety of platforms." For … Continue reading Pen Testing Node.js: Staying N Sync Can Make the Server Go Bye Bye Bye


Modifying Android Apps: A SEC575 Hands-on Exercise, Part 1

By Joshua Wright Introduction As a security professional, I'm called on to evaluate the security of Android applications on a regular basis. This evaluation process usually takes on one of two forms: (1) Evaluate app security from an end-user perspective; (2) Evaluate app security from a publisher perspective. While there is a lot of overlap between the … Continue reading Modifying Android Apps: A SEC575 Hands-on Exercise, Part 1


PHP Weak Typing Woes — With Some Pontification about Code and Pen Testing

By Josh Wright The other day I was reading Jos Wetzels' post on the Full Disclosure mailing list regarding a vulnerability in the open source social networking kit HumHub. One of the issues he pointed out was a PHP 'type juggling' attack where an attacker can force a password reset against HumHub for a user … Continue reading PHP Weak Typing Woes — With Some Pontification about Code and Pen Testing


Finding Zero-Day XSS Vulns via Doc Metadata

[Editor's Note: Chris Andre Dale has a nice article for us about cross-site-scripting attacks, and he's found a ton of them in various high-profile platforms on the Internet, especially in sites that display or process images. He even found one in WordPress and responsibly disclosed it, resulting in a fix for the platform released just … Continue reading Finding Zero-Day XSS Vulns via Doc Metadata