-
Article: The business case for security frameworks
I’ve written a new article for The Web Application Security Consortium’s Guest Article Project. From the paper: "One of the reasons why vulnerabilities are still commonplace is because new generations of developers are making the same mistakes. I don’t put the majority of the blame on them because they may not know any better. Many…
-
WASC-Articles: ‘The Importance of Application Classification in Secure Application Development’
The Web Application Security Consortium is proud to present ‘The Importance of Application Classification in Secure Application Development’ by Rohit Sethi. In this article Rohit describes the importance of application classification during the secure development process. Article Link: http://www.webappsec.org/projects/articles/041607.shtml
-
Know your Enemy: Web Application Threats
A very long paper on web application security threats has been released by honeynet.org. If you’re curious about web application security, this document is a good place to start for the overall picture. "With the constant growth of the Internet, more and more web applications are being deployed. Web applications offer services such as bulletin…
-
Article: Healthy suspicion Web application security
"Every website owner needs to reckon with attackers who may try to misuse their site for spam, phishing or other purposes. Web applications which use PHP or other scripting languages are especially vulnerable. Familiarity with common security vulnerabilities and attack methods can, however, help you fend off the bad guys." Article Link: http://www.heise-security.co.uk/articles/84511/0
-
Read RSS and get hacked
Computerworld referenced some research that I had done on RSS security in an article discussing how RSS and other web-based feeds can be used as deployment vectors for malware. For those of you reading this entry from an RSS feed, no worries, I haven’t owned you, as it wouldn’t be in my interest…
-
Web Application Logic Exploitation
Marko writes: "I wrote a small paper scratching the surface on logic vulnerabilities." "Most web application auditing papers have concentrated on things like SQL injection, Cross-site Scripting and similar attacks, that are more technical in nature. What I try to accomplish with this small paper and its examples is to give some insight into…
-
Using Fuzzers in Software Testing: Identifying Application Risks
I’ve written a short blurb on my other site, QASEC.com, on why using fuzzers in QA can pay off. This is a new site focused on speaking to the various people involved in a development cycle, using a language they are familiar with, in short, to-the-point articles. "Fuzzers are used to perform…
-
CGISecurity Article: The Cross-Site Request Forgery FAQ
The Cross-site Request Forgery FAQ has been released to address some of the common questions and misconceptions regarding this commonly misunderstood web flaw. This paper serves as a living document for Cross-Site Request Forgery issues and will be updated as new information is discovered. If you have any suggestions or comments please contact us. UPDATE:…
-
Writing Software Security Test Cases: Putting security test cases into your test plan
Besides CGISecurity.com, I'm involved with my other project, QASec.com, a new website aimed at teaching security throughout the development cycle with a heavy focus on security testing. I've just written an article explaining how Quality Assurance Engineers can include security testing in their test plans. "Part of software testing involves replicating customer use cases against…
-
WASC-Announcement: Capturing and Exploiting Hidden Mail Servers
The Web Application Security Consortium is proud to present 'MX Injection: Capturing and Exploiting Hidden Mail Servers' written by Vicente Aguilera Diaz of Internet Security Auditors. In this article Vicente discusses how an attacker can inject additional commands into an online web mail application communicating with an IMAP/SMTP server. Article Link: http://www.webappsec.org/projects/articles/121106.shtml
-
Palisade Articles on Web Application Security
"Palisade is a monthly online magazine that focuses on application security. In each issue, we discuss topics of current interest in developing and using secure software." I stumbled upon this website by accident and it has quality articles worth checking out. Site Link: http://palisade.plynt.com/
-
Forging HTTP request headers with Flash
Amit Klein has written another fine paper on using Flash to send HTTP requests. "Flash player is a very popular browser add-on from Adobe (actually, Flash was invented by Macromedia, which was acquired by Adobe). This write-up covers mostly Flash 7 and Flash 8, together covering more than 94% of the Internet-enabled desktops (according to…
-
Misunderstanding Javascript injection: A paper on web application abuse via Javascript injection
UPDATED: 1/30/06, response from author: "Just to inform you that the malicious code mentioned to you was actually partly research for the paper. If you take a look at the latest version (with lynx if you like), I now refer to the clipboard issue in issue 3 (this was introduced in 1.2.0 of my paper.…
-
XST Strikes Back (or perhaps “Return from the Proxy”…)
Amit Klein has written a new article entitled "XST Strikes Back (or perhaps "Return from the Proxy"…)". Whatever the final title may be, it outlines how XST vulnerabilities can still exist when a proxy server sits in front of the server an attacker wishes to target. "About three years ago,…
-
Malware Future Trends
Dancho Danchev has written an article outlining a few malware trend predictions that is worth checking out. If you're into that sort of thing, I wrote an article on Web Application Worms that you may also wish to check out. Article Link: http://www.astalavista.com/media/archive1/files/malwaretrends.pdf
-
Uninformed Online Zine #3 Released
An online zine called 'uninformed' has just released issue #3. I gotta say it's worth checking out. Below is the table of contents.
* Bypassing PatchGuard on Windows x64
* Windows Kernel-mode Payload Fundamentals
* Analyzing Common Binary Parser Mistakes
* Attacking NTLM with Precomputed Hashtables
* Linux Improvised Userland Scheduler Virus…
-
Top 7 PHP Security Blunders
Sitepoint has published an article covering the 7 most common vulnerability types as they apply to PHP, as well as configuration options to further lock down your environment. While I disagree with the structure and the actual 7 chosen, the article is good and worth checking out. If you're lazy and just want the seven, here they are. (I'm…
-
“The Anatomy of Cross Site Scripting” Paper released
libox.net has released a cross site scripting paper which provides examples of bad PHP code and also talks a little bit about automating an attack. Additional papers on XSS can be found in our Cross Site Scripting section. “Cross site scripting (XSS) flaws are a relatively common issue in web application security, but they are…
-
“What is IIS Security?”
Joe Lima from Port80 Software Inc. has released an article on IIS security fundamentals: What is IIS Security?
-
Two new Blind SQL Injection papers released
This week two new papers on blind SQL injection have been released. The first paper, released by Webcohort, goes into detail on how to detect blind SQL injection and how an attack is carried out. The paper released by SPI Dynamics' "SPI Labs" covers similar information, but also contains example 'fixes' for ASP.NET and JSP…
-
Securing MySQL: step-by-step
Securityfocus.com has published "Securing MySQL: step-by-step", a guide to locking down your MySQL server. "MySQL is one of the most popular databases on the Internet and it is often used in conjunction with PHP. Besides its undoubted advantages such as ease of use and relatively high performance, MySQL offers simple but very effective security mechanisms.…
-
Penetration Testing for Web Applications (Part Three)
Securityfocus.com has released Penetration Testing for Web Applications (Part Three), which covers logic programming flaws and session ID issues, and mentions a few useful tools for auditing web applications.
-
MRTG for Intrusion Detection with IIS 6
I found this interesting article on SecurityFocus which explains how to use MRTG (a popular traffic monitoring tool) to monitor intrusion attempts against an IIS 6.0 machine. "But MRTG is also a very effective intrusion detection tool. The concept is simple: attacks often produce some kind of anomalous pattern and human brains are well-equipped to…
-
Basic IIS Lockdown Using Scripts and Group Policy
"Microsoft Active Directory and Group Policy have a feature-rich set of tools and processes to help save an administrator time and energy in maintaining security within the domain. Locking down a server requires many steps to complete, and depending on the extent to which the server is locked down, it can take up to several…
-
Microsoft released Ebook on web security
Microsoft has released a massive 919-page ebook covering how to lock down your web server, web services, web applications, and web application servers. This book is worth a read and I highly recommend it. Improving Web Application Security: Threats and Countermeasures, June 2003 (PDF) (6.7 MB)