How to Test Horizontal & Vertical Authorization Issues in Web Application ?

Mehmet Ince Leave a comment

As you know, nowadays web applications could be as complex as operating systems. Most of those complexity comes from authorisation schemas. Such weaknesses are referred to in the literature as Insecure Direct Object Reference.

Insecure Direct Object References occur when an application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources in the system directly, for example database records or files.[1]  Read More

Attacking WPA Enterprise Wireless Network

Ahmet Can Kan Leave a comment

In this post, we are going to analyze current security algorithms being used on wireless networks, how do they work, what are their weaknesses and how to attack them. A few weeks ago, there were a few add-ons to aircrack-ng which allowed an attacker to penetrate into WPA Enterprise Wireless Networks, main focus of that post will be to show how to perform that attack, while also giving an overall view of attacks on other algorithms as well. Read More

Art of Anti Detection 1 – Introduction to AV & Detection Techniques

Ege Balci 8 Comments

This blog post will explain effective methods for bypassing the static, dynamic and heuristic analysis of up to date anti virus products. Some of the methods are already known by public but there are few methods and implementation tricks that is the key for generating FUD (Fully Undetectable) malware, also the size of the malware is almost as important as anti detection, when implementing these methods i will try to keep the size as minimum as possible. this paper also explains the inner workings of anti viruses and windows operating system, reader should have at least intermediate C/C++ and assembly knowledge and decent understanding of PE file structure.
Read More

How to Perform DDoS Test as a Pentester

Gokhan Sagoglu 9 Comments

A denial of service (DoS) attack is an attempt to make a service unavailable. Unlike other kinds of attacks, which establishes foothold or hijacks data, DoS attacks do not threat sensitive information. It is just an attempt to make a service unavailable to legitimate users. However, sometimes DoS might also be used for creating another attack floor for other malicious activities. (e.g. taking down web application firewalls) Read More

Phishery – Domain Credential Theft via Social Engineering

Mehmet Ince 1 Comment

Identifying the employees of the target organization via social media platforms such as Linkedin and sending related attractive mails comes first in the social engineering attacks. By tracking down social media, an adversary may understand most interesting topic about targeted company’s employees. After from that point, adversary may send out a phishing e-mail to the selected employees in order to steal a valid domain credentials. Read More