XSS Auditors – Abuses, Updates and Protection

Tags: Chrome, XSS
XSS Auditors are security mechanisms in browsers that operate as a preventative layer against Reflected Cross-site Scripting attacks. Each browser has a different way of implementing XSS Auditors. In this blog post, we discuss Google Chrome’s recent update that changes how the XSS Auditor behaves, and the different ways in ... Read More
IP Disclosure of Servers Behind WAFs Using WordPress XML-RPC

Tags: vulnerability
By the end of the 90s, communication between distributed systems had become a crucial necessity. One of the solutions implemented since then is the XML-RPC (Remote Procedure Call) protocol. This protocol allows remote procedure calls through data transferred in the XML format. These calls enable different platforms to communicate with ... Read More
Frame Injection Attacks

A Frame Injection is a type of Code Injection vulnerability classified by OWASP Top 10 2017 in its A1 Injection category. Cross-site Scripting is naturally prioritized by bug bounty hunters since it seems easily exploitable and effective. But malicious hackers are also attracted to this vulnerability, because there are aspects ... Read More
SameSite Cookies by Default in Chrome 76 and Above

Tags: browser, Chrome, cookie
Beginning its journey almost ten years ago, Google Chrome has become one of the most popular web browsers on the internet and continues to prioritize speed and security in its service to users. Earlier this month at Google’s I/O 2019 conference, the company announced they are getting ready to release ... Read More
Content-Type and Status Code Leakage

The author of a bug bounty write-up published on Medium on March 20, username 'terjanq', demonstrated that the response to a resource varies based on the state of authorization of the user requesting it. As we explained in a previous blog post, referenced below, if the user is authorized to ... Read More
Separating Subdomains From Third-Party Hosted WWW Domains

Tags: domains
Setting cookies on domains that have multiple subdomains can pose security risks if it is implemented incorrectly. An attacker who gains access to a particular domain can conduct a session fixation attack and hijack users’ sessions on its subdomains. To prevent attacks, there are a few security attributes and best-practices ... Read More
WordPress XSS Vulnerability Can Result in Remote Code Execution (RCE)

On March 13, 2019, RIPS Technologies, a company specializing in static code analysis software, released details of a Cross-site Scripting (XSS) vulnerability they found in all versions of WordPress up to 5.1.1. The vulnerability had been disclosed on various websites under different categories. Some classified it as a Cross-site Request ... Read More
Application Security is Vital Throughout SDLC

Tags: sdlc
Application security is crucial right from the early stages of web application development. Developers and other team members involved in the product design stage should at least be aware of the need for web application security. However, recent studies and discussions show that developers do not actively pay attention to ... Read More
Behind the Scenes of Onion Services

Tags: tor
In this article, we discuss how the domain names of services in the Tor network are set and what security risks they may pose. We examine a study from Princeton University concerned with the habits of Tor users in order to determine the potential impacts of security risks. Onion ... Read More
Transforming Self-XSS Into Exploitable XSS

Security researcher Brian Hyde was accepted into Synack Red Team's private bug bounty platform and discovered a Reflected XSS vulnerability in one of their programs. The difficulties he faced in exploiting this Cross-site Scripting (XSS) vulnerability, and the workarounds he developed during his research, are highly informative and worth investigating ... Read More