Web Application Security Zone by Netsparker

The Powerful Resource of PHP Stream Wrappers

Category: Web Security Readings - Last Updated: Wed, 14 Nov 2018 - by Ziyahan Albeniz

This blog post examines how PHP stream wrappers can be used to bypass keyword-based blacklists. It includes an examination of the generic functions that can be used to interact with streams, the concept of stream contexts and stream filters. It also looks at PHP wrappers in RFI attacks and bypassing blacklists. Code samples are supplied throughout.

Using Google Bots as an Attack Vector

Category: Web Security Readings - Last Updated: Thu, 08 Nov 2018 - by Netsparker Security Team

This article examines the latest attack vector to surface: using Google Bots. It examines how search engines use bots to help index websites, explains how such attacks happen and how to counter them. Code samples are included.

Negative Impact of Incorrect CSP Implementations

Category: Web Security Readings - Last Updated: Tue, 06 Nov 2018 - by Netsparker Security Team

This blog examines incorrect CSP implementations on the New Yorker and Blogger, common issues in CSP implementations and solutions, how to determine if your CSP implementation is problematic and how to test it with the Report Only monitoring mode. It also lists CSP directives and their keywords, and how to use CSP correctly.

Pros and Cons of DNS Over HTTPS

Category: Web Security Readings - Last Updated: Thu, 01 Nov 2018 - by Sven Morgenroth

This blog post introduces the Domain Name System and what happens when a browser issues a DNS request. It then explains the technical basics of its successor, DNS Over HTTPS (DoH), why it is unavailable on your Android phone and how to circumvent this. Finally, it examines whether it enhances security and privacy, and how to disable it.

Netsparker's Web Security Scan Statistics for 2018

Category: Web Security Readings - Last Updated: Thu, 25 Oct 2018 - by Netsparker Team

Over the last three years the online edition of the Netsparker web application security solution scanned thousands of web applications. In this report we analyse the type of vulnerabilities and security flaws the scanning engine found in thousands of web applications.

The Dangers of Open Git Folders

Category: Web Security Readings - Last Updated: Thu, 18 Oct 2018 - by Ziyahan Albeniz

This blog post examines the research of Finnish computer scientist Vladimir Smitka on the dangers of open version control system Git files. We discuss his results, how prevalent it is, why the structure of Git makes it so convenient for hackers, how you can check if your Git folder is open and how to protect your folders.

NoScript Vulnerability in Tor Browser

Category: Web Security Readings - Last Updated: Thu, 11 Oct 2018 - by Ziyahan Albeniz

This blog post discusses the 0-Day vulnerability introduced into the Tor Browser's NoScript script blocking extension, originally designed to allow users to block JavaScript from running, and how it could have been disabled in order to potentially unmask Tor users with a JavaScript exploit. It includes an explanation of the exploit code.

Sven Morgenroth Talks About PHP Type Juggling on Paul's Security Weekly Podcast

Category: Web Security Readings - Last Updated: Tue, 18 Sep 2018 - by Robert Abela

Watch episode #572 of Enterprise Security Weekly in which Sven Morgenroth, one of Netsparker's Security Researchers, talks about data types and type comparisons in PHP. Sven then demonstrates vulnerabilities that can arise due to loose PHP comparisons, including Authentication Bypasses, crypto-related flaws and Hashing Algorithm Disclosure.

Vulnerability Assessments and Penetration Tests – What's the Difference?

Category: Web Security Readings - Last Updated: Thu, 06 Sep 2018 - by Dawn Baird

This blog examines the difference between vulnerability assessments and penetration tests by defining both, and explaining the different results each produces. It also contains advice as to which approach your organization should adopt, and the scenarios that help determine this choice. There's guidance on which to use and how much it might cost.

Final Nail in the Coffin of HTTP: Chrome 68 and SSL/TLS Implementation

Category: Web Security Readings - Last Updated: Thu, 30 Aug 2018 - by Ziyahan Albeniz

In this blog post, our Security Researcher Ziyahan Albeniz examines the latest Chrome release, which makes secure web connections the new standard by checking the validity of secure TLS certificates. This article examines encryption keys, certificates and certificate authorities, HSTS, HPKP, SRI and CSP, and concludes with some code examples.

Leverage Browser Security Features to Secure Your Website

Category: Web Security Readings - Last Updated: Tue, 14 Aug 2018 - by Ziyahan Albeniz

On June 27, 2018 Ticketmaster UK announced a data breach incident. This time, one of JavaScript's unexpected limitations prevented a security incident – at least for Turkish users. This blog post discusses how leveraging browser security features, such as Subresource Integrity and Content Security Policy, could have secured their website.

What the Reddit Hack Teaches Us About Web Security

Category: Web Security Readings - Last Updated: Tue, 14 Aug 2018 - by Ziyahan Albeniz

Reddit announced that they had been the victim of an elaborate hack. The attackers accessed email digests of August 2018 and the entire 2007 database backup, which included old salted and hashed user passwords. They also compromised a few accounts of Reddit employees by intercepting the SMS used in 2FA.

Exploiting a Microsoft Edge Vulnerability to Steal Files

Category: Web Security Readings - Last Updated: Wed, 01 Aug 2018 - by Ziyahan Albeniz

This blog post documents our Security Researcher Ziyahan Albeniz's experiment in exploiting a Microsoft Edge browser vulnerability. He explains how a combination of SOP, the ability to email clickable links and a vulnerability in both the Windows Mail and Calendar applications actually enable the exploit. It includes his Proof of Exploit video.

Ferruh Explains Why Web Application Security Automation is a Must in Enterprises

Category: Web Security Readings - Last Updated: Wed, 25 Jul 2018 - by Dawn Baird

Watch episode #98 of Enterprise Security Weekly, in which Ferruh Mavituna, our CEO, talks about penetration testing versus dynamic scanning tools, such as Netsparker; the differences between Waterfall and Agile methodologies; addressing vulnerabilities early in the SDLC; static integration; accuracy and trust; bug bounties; and workflow management.

What is an osquery Injection and How Does it Work?

Category: Web Security Readings - Last Updated: Thu, 19 Jul 2018 - by Omer Citak

This blog post examines osquery, a framework that enables developers to write SQL-based queries that explore system data. It includes instructions for how to install osquery on the Ubuntu operating system. It also explores what osquery allows you to do and concludes with an examination of the osquery library and injection.

Server-Side Template Injection Introduction & Example

Category: Web Security Readings - Last Updated: Thu, 12 Jul 2018 - by Sven Morgenroth

This article introduces Server Side Templates and explains why and how they can be susceptible to Server-Side Template Injection vulnerabilities. It includes examples of HTML, PHP and CSS code and concludes with a list of recommendations on how to protect your web applications from attacks that exploit SSTI vulnerabilities.