Writing meaningful and professional penetration testing reports

I have been through hundreds of penetration tests over the last few years, both on the testing side and on the "defending" side. Actually, in many cases I'm doing routine, internal security testing on apps that then go through a third-party pentest, so I can compare their results with mine. It's probably not very surprising that Burp Suite is the tool of choice for almost everyone, because it's reliable, feature-rich and well priced: £199 per year in this business is really cheap.

Electronic signature and alternative authorisation methods, using the example of the Trusted Profile (Profil Zaufany) of the ePUAP platform

Bachelor's thesis by Marcin Prządło, written under the supervision of Prof. Tadeusz Grabiński at the Andrzej Frycz Modrzewski Krakow University (Krakowska Akademia im. Andrzeja Frycza Modrzewskiego), Faculty of Economics and Management.

Content Security Policy and empty blocked-uri

Content Security Policy violation reports are usually very helpful not only in debugging your security policy, but also in building it from scratch. There is, however, one case in which they can be quite annoying...

First hand experience with Internet censorship in Russia

Spending two weeks in Russia, I had an opportunity to look at how their Internet censorship system operates in practice. As human rights watchdogs have already warned, the scope of blocked websites now goes well beyond the criminal content initially declared by the government and now routinely includes political content. The good news is that the system is still easily bypassed, even by an inexperienced user.

Gallery of Twitter API nonce overkills

Looking for a Twitter API library that would work with Python 3, I stumbled upon a number of projects that implement the OAuth authentication protocol in a rather superfluous way (though "baroque" would be a better word here).
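What OAuth 1.0 actually asks of a nonce is small: RFC 5849 only requires it to be unique across requests sharing the same timestamp, consumer key and token, so a CSPRNG string is all that is needed. The following is an added example, not code from the original post or from any of the libraries it surveys, showing the nonce together with the HMAC-SHA1 signing it feeds into; the credentials, URL and query parameters are constructed.

```python
"""OAuth 1.0 (RFC 5849) HMAC-SHA1 signing with a plain random nonce."""
import base64
import hashlib
import hmac
import secrets
import time
from urllib.parse import quote


def make_nonce():
    """128 random bits, hex encoded: unique in practice, and nothing more is required."""
    return secrets.token_hex(16)


def pct(s):
    """RFC 5849 section 3.6 percent-encoding: only unreserved characters stay bare."""
    return quote(str(s), safe="-._~")


def base_string(method, url, params):
    """Signature base string: method, base URL (no query string) and the
    sorted, encoded parameters, each component encoded once more when joined."""
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(normalized)])


def sign(method, url, params, consumer_secret, token_secret=""):
    """HMAC-SHA1 over the base string, keyed with the two encoded secrets."""
    key = (pct(consumer_secret) + "&" + pct(token_secret)).encode()
    digest = hmac.new(key, base_string(method, url, params).encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def oauth_params(consumer_key, token, nonce=None, timestamp=None):
    """The oauth_* parameters that join the request's own parameters before signing."""
    return {
        "oauth_consumer_key": consumer_key,
        "oauth_token": token,
        "oauth_signature_method": "HMAC-SHA1",
        "oauth_timestamp": str(int(time.time()) if timestamp is None else timestamp),
        "oauth_nonce": make_nonce() if nonce is None else nonce,
        "oauth_version": "1.0",
    }


def signed_request(method, url, query, consumer_key, consumer_secret,
                   token, token_secret, nonce=None, timestamp=None):
    """Return the full parameter set (query + oauth_*) with oauth_signature added."""
    params = {**query, **oauth_params(consumer_key, token, nonce, timestamp)}
    params["oauth_signature"] = sign(method, url, params, consumer_secret, token_secret)
    return params


if __name__ == "__main__":
    # Constructed credentials; a real client would send these in the Authorization header.
    print(signed_request("GET", "http://example.com/r", {"a": "1"}, "k", "cs", "t", "ts"))
```

Two calls to `signed_request` with the same inputs differ only in `oauth_nonce` (and timestamp), which is exactly the property the server relies on for replay detection; nothing about the nonce's construction beyond unpredictability and uniqueness matters.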

Effective IP blacklisting in OpenWRT

Emerging Threats publishes excellent, free IP blacklists for general use on servers and routers, in formats suitable for iptables and other popular firewalls. Unfortunately, on low-memory, small-CPU devices, loading ~1.5k iptables rules is a performance killer, because every packet is checked against the rules one by one. Here is how to do this more efficiently using ipset, where a single rule matches against a hash set.
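As an added example (not the original post's script), the converter below turns a block list in the Emerging Threats style into input for `ipset restore`, so the whole list becomes one `hash:net` set referenced by a single iptables rule instead of one rule per address. It assumes the list is one IPv4 address or CIDR per line with `#` comments, that ipset accepts `create`/`add`/`flush`/`swap`/`destroy` lines in restore input, and that the set name `et-block` is free; the list contents are constructed.

```python
"""Convert an Emerging Threats style IP block list into ipset restore input."""
import ipaddress

SET_NAME = "et-block"  # assumed name for the ipset

# Constructed sample of a block list as published: comments, blanks, nets, hosts, junk.
SAMPLE_LIST = """\
# Emerging Threats style block list (constructed sample)
# Generated 2014-04-08

192.0.2.0/24
198.51.100.17
203.0.113.0/25
not-an-address
"""


def parse_blocklist(text):
    """Yield valid IPv4 networks from the list, skipping comments, blanks and junk."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            net = ipaddress.ip_network(line, strict=False)
        except ValueError:
            continue  # malformed entry: skip it rather than abort the whole load
        if net.version == 4:
            yield net


def ipset_restore_script(text, set_name=SET_NAME):
    """Build input for `ipset restore`: create the set, fill a temporary set,
    then swap it into place so the firewall never sees a half-loaded list."""
    tmp = set_name + "-tmp"
    lines = [
        f"create {set_name} hash:net family inet",
        f"create {tmp} hash:net family inet",
        f"flush {tmp}",
    ]
    lines += [f"add {tmp} {net.with_prefixlen}" for net in parse_blocklist(text)]
    lines += [f"swap {tmp} {set_name}", f"destroy {tmp}"]
    return "\n".join(lines) + "\n"


# The single firewall rule that references the set, instead of one rule per IP.
IPTABLES_RULE = f"iptables -I INPUT -m set --match-set {SET_NAME} src -j DROP"

if __name__ == "__main__":
    # Usage: python3 et2ipset.py | ipset restore -!   (-! ignores "set already exists")
    print(ipset_restore_script(SAMPLE_LIST), end="")
```

On OpenWRT the `ipset` package (opkg install ipset) provides the binary and the kernel module; `ipset restore -!` tolerates the set already existing on a re-run, and the swap keeps the old list active until the new one is fully loaded. Install the `IPTABLES_RULE` once; refreshing the list never touches iptables again.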

Avoiding the mass assignment vulnerability in Play Framework and DropWizard

Play Framework comes with fairly complete object-relational mapping (ORM) features that make exchanging data between web forms and database models fast and easy. As usual, fast and easy brings a risk of abuse, and Play is no exception: if every submitted field is bound straight onto the model, a client can set fields the form never exposed.
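The defect and its fix fit in a few lines once the binding step is written out. The following is an added, framework-neutral example, not Play's or DropWizard's own API: a binder that copies request fields onto a model, first the way an unrestricted "bind the whole form" does, then with an explicit allowlist. The `User` model and both request payloads are constructed.

```python
"""Mass assignment: unrestricted form binding versus an explicit allowlist."""
from dataclasses import dataclass


@dataclass
class User:
    username: str = ""
    email: str = ""
    is_admin: bool = False   # never meant to be set from a web form
    credits: int = 0         # same


def bind_all(model, form):
    """Vulnerable: copies every submitted field that matches a model attribute.

    The profile form only renders username and email, but nothing here stops
    a client from POSTing is_admin=true alongside them.
    """
    for name, value in form.items():
        if hasattr(model, name):
            setattr(model, name, value)
    return model


def bind_allowed(model, form, allowed):
    """Hardened: copy only the fields explicitly allowed for this form.

    Disallowed fields are returned rather than silently dropped, so that
    tampering attempts can be logged.
    """
    rejected = sorted(set(form) - set(allowed))
    for name in allowed:
        if name in form:
            setattr(model, name, form[name])
    return model, rejected


PROFILE_FORM_FIELDS = ("username", "email")

# Constructed: what the legitimate form posts, and what a tampered request posts.
LEGIT_POST = {"username": "alice", "email": "alice@example.com"}
TAMPERED_POST = {"username": "alice", "email": "alice@example.com",
                 "is_admin": True, "credits": 10**6}


def demo():
    """Bind the tampered request both ways; returns (victim, safe, rejected_fields)."""
    victim = bind_all(User(), TAMPERED_POST)
    safe, rejected = bind_allowed(User(), TAMPERED_POST, PROFILE_FORM_FIELDS)
    return victim, safe, rejected


if __name__ == "__main__":
    for item in demo():
        print(item)
```

The allowlist belongs to the form, not to the model: the same `User` may legitimately have `is_admin` set from an admin-only form, so the permitted field set is a per-endpoint decision.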

ProtonMail security promise

While I can only praise any new attempt to build a usable, cryptography-enabled email service, I doubt that ProtonMail is really able to deliver all the privacy promises it has declared.

Will OpenSSL bring back the software quality guarantees debate?

Back in 2009 the European Commission raised a controversial proposal to grant consumer rights to software users, much like those that apply to cars and other "physical" goods. With the recent Heartbleed failure of OpenSSL, it is likely that these populist proposals will reappear. Why was that not a good idea?

Why is Heartbleed dangerous? Exploiting CVE-2014-0160

8 April 2014 is a busy day for sysadmins. Everyone is patching CVE-2014-0160 and I can actually see this in real time: servers that were vulnerable in the morning no longer expose their data in the afternoon. It is not often that a vulnerability is treated so seriously, but in this case it is fully justified.
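The reason the bug is so serious comes down to one missing comparison. As an added example (not OpenSSL's code and not the original post's), the handler below models the TLS heartbeat message from RFC 6520 (one type byte, a two-byte payload_length, the payload, at least 16 bytes of padding) over a constructed record buffer: the vulnerable version copies as many bytes as the peer claims, the fixed version first checks that claim against the record it actually received. The "heap" contents following the record are constructed.

```python
"""Heartbleed as a bounds check: vulnerable and fixed heartbeat handlers."""
import struct

HEARTBEAT_REQUEST = 1
HEARTBEAT_RESPONSE = 2
MIN_PADDING = 16


def build_heartbeat(payload, claimed_length=None):
    """Encode a heartbeat request; claimed_length lets a peer lie about the size."""
    length = len(payload) if claimed_length is None else claimed_length
    return struct.pack("!BH", HEARTBEAT_REQUEST, length) + payload + b"\x00" * MIN_PADDING


def handle_vulnerable(record, memory_after_record):
    """What the pre-fix code did: copy payload_length bytes starting at the
    payload, never comparing payload_length with the record's real length.
    memory_after_record stands in for whatever happens to follow the record."""
    hbtype, payload_length = struct.unpack("!BH", record[:3])
    if hbtype != HEARTBEAT_REQUEST:
        return None
    heap = record + memory_after_record           # process memory, simplified
    echoed = heap[3:3 + payload_length]           # the over-read happens here
    return struct.pack("!BH", HEARTBEAT_RESPONSE, payload_length) + echoed + b"\x00" * MIN_PADDING


def handle_fixed(record, memory_after_record):
    """The fix: drop the message unless its own length covers type, length
    field, claimed payload and minimum padding (RFC 6520: discard silently)."""
    if len(record) < 1 + 2 + MIN_PADDING:
        return None
    hbtype, payload_length = struct.unpack("!BH", record[:3])
    if hbtype != HEARTBEAT_REQUEST:
        return None
    if 1 + 2 + payload_length + MIN_PADDING > len(record):
        return None                               # silently discarded
    payload = record[3:3 + payload_length]        # now provably inside the record
    return struct.pack("!BH", HEARTBEAT_RESPONSE, payload_length) + payload + b"\x00" * MIN_PADDING


# Constructed bytes that happen to sit after the heartbeat record in memory.
SECRET_MEMORY = b"session cookie=deadbeef; private key bytes..."


def demo():
    """Returns (honest response, vulnerable response to a lying request,
    fixed handler's result for the same lying request)."""
    honest = build_heartbeat(b"ping")
    lying = build_heartbeat(b"ping", claimed_length=64)
    return (handle_vulnerable(honest, SECRET_MEMORY),
            handle_vulnerable(lying, SECRET_MEMORY),
            handle_fixed(lying, SECRET_MEMORY))


if __name__ == "__main__":
    ok, leak, dropped = demo()
    print(ok, leak, dropped, sep="\n")
```

With a 16-bit length field the peer can claim up to 64 KiB per message and repeat the request indefinitely, which is why the leaked bytes so readily include session cookies and key material from whatever the process had recently used.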

Electronic identification and trust services for electronic transactions in the internal market

The new electronic signature regulation, "Electronic identification and trust services for electronic transactions in the internal market" (eIDAS), has now been approved in a vote at the European Parliament.

Public key pins, a new safeguard for HTTPS websites

Public-Key-Pins will be a new HTTP header that tells browsers which public keys (as SHA-256 hashes of the certificate's SubjectPublicKeyInfo) may appear in a website's certificate chain, preventing the forms of man-in-the-middle attack on SSL/TLS that rely on a mis-issued but otherwise valid certificate.
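A pin that is wrong, or a header with only one pin, locks visitors out of the site for `max-age` seconds, so the header deserves a check before it ships. The following is an added example, not from the original post: a parser and validator for the header syntax (one or more `pin-sha256="<base64>"` directives, a mandatory `max-age`, optional `includeSubDomains` and `report-uri`) that enforces that each pin decodes to a 32-byte SHA-256 digest and that at least two pins are present so a backup key exists. The pins and headers below are constructed; `pin_for_spki` shows how a real pin is derived from DER-encoded SubjectPublicKeyInfo bytes.

```python
"""Sanity-check a Public-Key-Pins header before deploying it."""
import base64
import binascii
import hashlib
import re

# name, then either a quoted value, an unquoted value, or no value at all
DIRECTIVE = re.compile(r'\s*([A-Za-z0-9-]+)(?:="([^"]*)"|=([^;"]*))?\s*')


def parse_hpkp(header):
    """Return (pins, max_age, include_subdomains, report_uri) from a header value."""
    pins, max_age, include_sub, report_uri = [], None, False, None
    for part in header.split(";"):
        m = DIRECTIVE.fullmatch(part)
        if not m:
            continue                      # empty or malformed directive
        name = m.group(1).lower()
        value = m.group(2) if m.group(2) is not None else m.group(3)
        if name == "pin-sha256":
            pins.append(value)
        elif name == "max-age":
            max_age = int(value)
        elif name == "includesubdomains":
            include_sub = True
        elif name == "report-uri":
            report_uri = value
    return pins, max_age, include_sub, report_uri


def pin_problems(header):
    """List the reasons a browser would reject this header or it is unsafe to deploy."""
    pins, max_age, _, _ = parse_hpkp(header)
    problems = []
    if max_age is None:
        problems.append("max-age missing")
    if len(pins) < 2:
        problems.append("fewer than two pins: no backup pin")
    for p in pins:
        try:
            raw = base64.b64decode(p, validate=True)
        except (binascii.Error, ValueError):
            problems.append(f"pin is not valid base64: {p}")
            continue
        if len(raw) != 32:
            problems.append(f"pin is not a SHA-256 digest (got {len(raw)} bytes): {p}")
    if len(set(pins)) != len(pins):
        problems.append("duplicate pins")
    return problems


def pin_for_spki(spki_der):
    """pin-sha256 value for DER-encoded SubjectPublicKeyInfo bytes."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode()


# Constructed pins: base64 of 32 arbitrary bytes stands in for real SPKI digests.
PIN_A = base64.b64encode(bytes(range(32))).decode()
PIN_B = base64.b64encode(bytes(range(32, 64))).decode()
GOOD_HEADER = (f'max-age=5184000; pin-sha256="{PIN_A}"; pin-sha256="{PIN_B}"; '
               f'includeSubDomains; report-uri="https://example.com/hpkp-report"')
BAD_HEADER = f'pin-sha256="{PIN_A}"; pin-sha256="c2hvcnQ="'   # no max-age, 5-byte "pin"

if __name__ == "__main__":
    print(pin_problems(GOOD_HEADER), pin_problems(BAD_HEADER), sep="\n")
```

The backup pin must belong to a key that is not in the served chain, kept offline, so that a key compromise or CA change can be survived by rotating to it; the validator can only check the count, not that the second key is really held in reserve.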

Using ESAPI with Play Framework

Does Play Framework need ESAPI at all? It is pretty robust when it comes to automatic escaping of potential cross-site scripting vectors, but if you don't use Play templates to display data (serving an AJAX API instead), you will need to handle escaping separately. Play also offers a fairly good validation framework, but you still need to implement the validation functions for some types of content yourself, and this is where OWASP ESAPI comes in handy.

Security-related HTTP headers in the wild

When Veracode published their analysis of security headers on the top 1M websites, I realized that I could actually compare their results with mine.

Content Security Policy as malware detector

Content Security Policy not only protects websites that use it, but to some extent also helps in detecting malware and adware installed on client computers: content injected into the page by such software violates the policy and shows up in the violation reports.
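Both of these CSP points (the annoying reports with an empty `blocked-uri`, and the reports that reveal injected content on client machines) come down to how a report endpoint sorts what it receives. The triage below is an added example, not the original posts' code: it parses the `{"csp-report": {...}}` bodies browsers send to `report-uri`, puts reports with an empty `blocked-uri` in their own bucket (such a report does not identify what was blocked; inline script or eval() in early CSP implementations and browser-side injections can both look like this, which is an assumption about the cause, not something the posts state here), and flags blocked hosts that are not in the policy's allowlist as candidate client-side injections. The allowlist and the sample reports are constructed.

```python
"""Triage Content-Security-Policy violation reports from a report-uri endpoint."""
import json
from collections import Counter
from urllib.parse import urlsplit

# Hosts the deployed policy legitimately allows (assumption: mirrors the
# policy's source lists). Anything else in a blocked-uri is a policy gap
# or something injected on the client.
ALLOWED_HOSTS = {"example.com", "static.example.com"}

# Constructed sample reports, one JSON body per line, as the endpoint would log them.
SAMPLE_REPORTS = [
    '{"csp-report": {"document-uri": "https://example.com/", "violated-directive": "script-src", "blocked-uri": ""}}',
    '{"csp-report": {"document-uri": "https://example.com/", "violated-directive": "script-src", "blocked-uri": "https://static.example.com/app.js"}}',
    '{"csp-report": {"document-uri": "https://example.com/", "violated-directive": "script-src", "blocked-uri": "http://adware.invalid/inject.js"}}',
    '{"csp-report": {"document-uri": "https://example.com/", "violated-directive": "img-src", "blocked-uri": "data"}}',
]


def parse_report(line):
    """Return (violated-directive, blocked-uri) from one JSON report body."""
    body = json.loads(line)["csp-report"]
    return body.get("violated-directive", ""), body.get("blocked-uri", "")


def classify(directive, blocked):
    """Sort one violation into a bucket:
    "empty"        blocked-uri is "", so the report does not say what was blocked
    "scheme"       blocked-uri is a bare scheme such as "data" or "blob"
    "allowed-host" host is on our allowlist: the policy itself is too tight
    "foreign-host" host is unknown: a likely client-side injection (malware/adware)
    """
    if blocked == "":
        return "empty"
    parts = urlsplit(blocked)
    if not parts.netloc:
        return "scheme"
    host = parts.hostname or ""
    if host in ALLOWED_HOSTS or any(host.endswith("." + h) for h in ALLOWED_HOSTS):
        return "allowed-host"
    return "foreign-host"


def triage(lines):
    """Count reports per bucket and tally the foreign hosts for follow-up."""
    buckets = Counter()
    foreign = Counter()
    for line in lines:
        directive, blocked = parse_report(line)
        bucket = classify(directive, blocked)
        buckets[bucket] += 1
        if bucket == "foreign-host":
            foreign[urlsplit(blocked).hostname] += 1
    return buckets, foreign


if __name__ == "__main__":
    counts, hosts = triage(SAMPLE_REPORTS)
    print(dict(counts))
    print(hosts.most_common())
```

The "allowed-host" bucket is the one to act on when building a policy from reports; the "foreign-host" tally, sorted by count, is where injected adware domains surface, and the "empty" bucket is best counted separately so it does not drown the other two.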
