penetration-testing

How secure page browser cache vulnerability makes web application insecure?

时间秒杀一切 submitted on 2021-01-28 11:01:03
Question: I am using OWASP's ZAP tool for vulnerability scanning, and it shows an alert for the "secure page browser cache" vulnerability. Below are the details of the ZAP alert: Risk: Medium. Reliability: Warning. Description: Secure page can be cached in browser. Cache control is not set in HTTP header nor HTML header. Sensitive content can be recovered from browser storage. Solution: The best way is to set HTTP header with: 'Pragma: No-cache' and 'Cache-control: No-cache'. Alternatively, this can be set in the HTML

Request.PathInfo issues and XSS attacks

旧街凉风 submitted on 2020-06-27 12:16:48
Question: I have a couple of websites still running on .NET 3.5 due to an API restriction. We will eventually move these sites to the latest .NET version this year. One of the penetration tests indicated a possible XSS vulnerability. The URL in question is: Location: http://www.foobar.com/basket.aspx/scripts/searchresults.aspx; Method: GET; Vulnerable Parameter: name of an arbitrarily supplied URL parameter. Basically, anything after basket.aspx, like scripts/searchresults.aspx, will cause the issue. From

Secured connection between app and server

◇◆丶佛笑我妖孽 submitted on 2020-04-18 03:55:55
Question: I try this code to connect my Ionic app to the API server (GET): import { Injectable } from '@angular/core'; import { HttpClient } from '@angular/common/http'; import { Observable } from 'rxjs'; import { map } from 'rxjs/operators'; @Injectable({ providedIn: 'root' }) export class EncryptionService { url = 'https://api.am....com'; api-key='......' constructor(private http: HttpClient) { } newcheck(checkid: string ,cost: string,toname: string,tocode: string,passcode: string,date: string,checkfor:

Secured connection between app and server

[亡魂溺海] submitted on 2020-04-18 03:55:13
Question: I try this code to connect my Ionic app to the API server (GET): import { Injectable } from '@angular/core'; import { HttpClient } from '@angular/common/http'; import { Observable } from 'rxjs'; import { map } from 'rxjs/operators'; @Injectable({ providedIn: 'root' }) export class EncryptionService { url = 'https://api.am....com'; api-key='......' constructor(private http: HttpClient) { } newcheck(checkid: string ,cost: string,toname: string,tocode: string,passcode: string,date: string,checkfor:

Is proguard enough to pass penetration testing?

守給你的承諾、 submitted on 2019-12-20 07:48:10
Question: For our Android mobile app, we have to choose an obfuscation tool so that our app will pass penetration test cases. Is Proguard enough for the same or should we use Dexguard? Answer 1: Obfuscation is NOT enough to pass a penetration test. A proper penetration test will analyze both static and runtime behavior of your app, so the runtime behavior will not be covered at all only through obfuscation. But also considering exclusively the static analysis that you will undergo you are far from being

how dangerous are the S3 error handling url parameters

核能气质少年 submitted on 2019-12-11 03:34:38
Question: A website has this form where you can submit a file. There's an error in which, when you try to access the file before uploading it, you get this fallback from S3. Of what severity would you consider this error? How dangerous are the parameters passed on the path? image of the example Answer 1: The information in the XML error message is not sensitive. Here's a breakdown of what it all means: <Code>NoSuchKey</Code> is simply a machine-readable 404 Not Found. <Message>The specified key does not exist

How can I run my own java code in the JVM that I am debugging remotely with JDWP?

佐手、 submitted on 2019-12-06 13:07:27
Question: As a penetration tester, I have come across an open JDWP port. I can connect to it with Eclipse and browse the threads and memory, but I don't have the source code for the application. I'd like to inject my own Java code, perhaps as an Exception handler, in order to return a shell. How can I modify the running/suspended Java application over JDWP, preferably using Eclipse as my debugger? Answer 1: I found the answer to my question: JavaPayload by Michael 'mihi' Schierl lets you load Java payloads

How can I run my own java code in the JVM that I am debugging remotely with JDWP?

為{幸葍}努か submitted on 2019-12-04 20:07:10
As a penetration tester, I have come across an open JDWP port. I can connect to it with Eclipse and browse the threads and memory, but I don't have the source code for the application. I'd like to inject my own Java code, perhaps as an Exception handler, in order to return a shell. How can I modify the running/suspended Java application over JDWP, preferably using Eclipse as my debugger? bonsaiviking I found the answer to my question: JavaPayload by Michael 'mihi' Schierl lets you load Java payloads through JDWP, among others. Source: https://stackoverflow.com/questions/9100933/how-can-i-run-my

Burp Extension: add header to response

巧了我就是萌 submitted on 2019-12-04 05:56:43
Question: Burp newbie writing an extension... I am trying to add a header to the response to test CSP rules. I have found lots of resources to add headers to Requests, but not for Responses. Here is the (non-working) code I have so far: def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo): # determine what tool we would like to pass through our extension: if toolFlag == 4: #if tool is Proxy Tab # determine if request or response: if not messageIsRequest:#only handle responses response =

Which of these scripting languages is more appropriate for pen-testing? [closed]

独自空忆成欢 submitted on 2019-12-03 02:29:03
Question: Closed. This question is opinion-based. It is not currently accepting answers. Want to improve this question? Update the question so it can be answered with facts and citations by editing this post. Closed 6 years ago. First of all, I want to avoid a flame-war on languages. The languages to choose from are Perl, Python and Ruby. I want to mention that I'm comfortable with all of them, but the problem is that I can't focus just on one. If, for example, I see a cool Perl module, I have to