Bypass client-side generated HTTP security headers

Every now and then when doing a security test on a web application I have to deal with client-side generated HTTP headers that are there for security reasons. These headers can cause problems during a security test. Fortunately they can easily be bypassed using Burp Suite.

July 26, 2018 | Article, English, Dutch

Lessons to be learned from the Polar incident

Last Sunday, journalists from The Correspondent revealed that it was trivially easy to find the names and addresses of military and intelligence service personnel who use Polar, a popular runners' wearable and fitness app. All runs (even private ones) made by owners of a Polar fitness device are stored on a central server and can be viewed on a map. Even though the user interface restricted access to public runs only, bypassing the user interface and entering URLs manually allowed them to extract all runs made by anyone since 2014. Polar recently switched off access to the map to prevent further abuse. What can we learn from this incident?

July 19, 2018 | Article, English, Dutch

Hunting with JA3

In this blog post I will explain how JA3 can be used in threat hunting. I will discuss a relatively simple hunt for a possible way to identify malicious PowerShell using JA3, and a more advanced hunt that involves the use of Darktrace and JA3.

July 5, 2018 | Article, English, Dutch