Channel: Open Security Research
Browsing latest articles
Browse All 107 View Live


Y U Phish Me? [Part 1]

By Melissa Augustine. Some emails have been censored for your protection :) A few days ago while I was browsing my inbox, I came across an interesting email from "Paypal" with the subject of "Help...


Y U Phish Me? [Part 2]

By Melissa Augustine. In the last blog post we had done some research on a spear phishing email I received. We used vim and regex to make our lives a bit easier for analysis purposes and we have...


Attacking Struts with CVE-2013-2251

By Mike McGilvray. Apache Struts is a free, open-source, MVC framework for creating elegant, modern Java web applications. It favors convention over configuration, is extensible using a plugin...


What's Really Open? Nmap Tips for an Accurate Port List

By Josh Bealey. Anyone who has done lots of port scanning over the internet will know that Nmap often identifies certain ports as filtered. In this blog post, we'll look at alternative scans that can...


An Open Cyber Security Framework

By Mateo Martinez. In this blog post we're going to present a brief overview of the Open Cyber Security Framework Project. There are a number of frameworks already on the market like the new NIST...


Identifying Malware Traffic with Bro and the Collective Intelligence...

By Ismael Valenzuela. In this post we will walk through some of the most effective techniques used to filter suspicious connections and investigate network data for traces of malware using Bro, some...


Combatting AppScan's "Scan out of session"

By Kunal Garg. Web application scanners may be full of repetition and obvious vulnerabilities but they do have their place in a web application penetration test. While they should never be used as the...


Extending Burp Proxy With Extensions

By Chris Bush. The world of information security is awash with tools to help security practitioners do their jobs more easily, accurately and productively. Regardless of whether you are responsible for...


Application Whitelisting Programs, WinXP EoS, and HIPAA's Security Rule

By The Foundstone Strategic Services Team. The United States Department of Health and Human Services (HHS) has stated that the “Security Rule does not specify minimum requirements for personal computer...



Secure Usage of Android Webview:

By Naveen Rudrappa. The WebView class is one of the most powerful classes and it renders web pages like a normal browser. Applications can interact with WebView by adding a hook, monitoring changes...


Heartbleed Recap and Testing

By Mateo Martinez and Melissa Augustine. CVE-2014-0160, also known as the "Heartbleed Bug", is a serious vulnerability in OpenSSL, one of the most widely used cryptographic libraries. This bug has been...


Recap of BYOD Risks

By Kunal Garg. Bring Your Own Device (BYOD) has been a hot topic over the last two years as organizations begin to permit employees to bring personally owned mobile devices (such as laptops, tablets,...


Multi-Staged/Multi-Form CSRF

By Deepak Choudhary. Exploiting a CSRF vulnerability that relies on a single request (GET/POST) is often a simple task, and tools like Burp make the effort even easier. However, exploitation can become...


Acquiring Linux Memory from a Server Far Far Away

By Dan Caban. In the past it was possible to acquire memory from Linux systems by directly imaging (with dd) pseudo-device files such as /dev/mem and /dev/kmem. In later kernels, this access was...


Debugging Android Applications

By Naveen Rudrappa. Using a debugger to manipulate application variables at runtime can be a powerful technique to employ while penetration testing Android applications. Android applications can be...



Dojo Toolkit and Risks with Third Party Libraries

By Deepak Choudhary. 3rd party libraries can become critical components of in-house developed applications. While the benefits of using them are huge, there are also some risks to consider. In this blog...


Privilege escalation with AppScan

By Kunal Garg. Web application vulnerability scanners are a necessary evil when it comes to achieving a rough baseline or some minimum level of security. While they should never be used as the only...


Approaches to Vulnerability Disclosure

By Brad Antoniewicz. The excitement of finding a vulnerability in a piece of commercial software can quickly shift to fear and regret when you disclose it to the vendor and find yourself in a...


Writing Slack Space on Windows

By Diego Urquiza. I'm a Foundstone intern in the NYC office and for a project I decided to write a tool to remove file slack space. In this post I'll introduce the methods I took in writing the tool then...


KLEE on Ubuntu 14.04 LTS 64Bit

By Brad Antoniewicz. It seems like all of the cool kids nowadays are into Symbolic Execution, especially for vulnerability research. It's probably all because of DARPA's Cyber Grand Challenge - a...


Learning Exploitation with FSExploitMe

By Brad Antoniewicz. I've been an adjunct professor at NYU Poly for almost two years now. It's been a great experience for a number of reasons, one of which is because I'm teaching a hot topic:...


My Cousin VIMmy: A Journey Into the Power of VIM

By Melissa Augustine Goldsmith. I was cleaning up some YARA rules we have in the office. I am, if anything, a bit OCD about tabs and spacing. I came across this rule from Contagio Exploit pack......


Face Smack: A CSAW CTF Challenge

By Brad Antoniewicz. For the last couple of years, I've had the pleasure to help out with and judge NYU Poly CSAW's CTF, the largest student-run Capture the Flag competition in the United States...


hostapd-wpe: Now with More Pwnage!

By Brad Antoniewicz. A major component of hacking IEEE 802.11 wireless networks is targeting the client's system. This is because of the trusting nature of wireless and corporate systems can be tricky...


A Brief Overview of the Google Authenticator

By Deepak Choudhary. Many application providers are considering implementing a more robust login mechanism to their applications as single layer authentication is no longer considered a secure...
