XXE – XML External Entities

Today we will cover one of the more interesting attack vectors – XXE. What is XXE? XXE, or XML External Entity Injection, is a type of security vulnerability that occurs when an application processes untrusted XML input. Attackers exploit this by including malicious code in XML data, often leading to serious consequences like reading server

Web Cache Poisoning via Host Header

Web Cache Poisoning might sound like something straight out of a security conference talk, but it’s a real threat that can cause serious headaches. Recently, a vulnerability was found on the Shopify theme store website, https://themes.shopify.com, where an attacker could poison the cache by manipulating the Host header. What Is Web Cache Poisoning? Let’s break

URL Magic

I’ve seen a lot of social engineering / phishing campaigns that try to trick you into going to some unsavory places, but rarely do they look convincing. So let’s see how we can trick people into clicking on that link. https://[email protected] Now if you click the above link using the Firefox browser – you will get a notification

What is Same-Origin Policy (SOP)?

Have you ever wondered why a website you visit can’t access your cookies or session data from other sites you have open, like Facebook or Instagram? That’s thanks to the Same-Origin Policy. This policy restricts how one website can interact with resources from another website in your browser, ensuring your data remains secure and private.

Content Security Policy (CSP)?

Content Security Policy (CSP) is a powerful setting that helps defend your website. It particularly defends your site from vulnerabilities such as Cross-Site Scripting (XSS) and data injection attacks. It works by defining which sources of content are allowed to be loaded and executed on your web pages. How CSP Works CSP is implemented

Mass Assignment Vulnerabilities

Rarely talked about, this is an interesting vulnerability. In 2012, GitHub faced a significant Mass Assignment vulnerability. An attacker discovered that GitHub’s enterprise system allowed users to set arbitrary parameters, including the admin flag, during account creation. The attacker exploited this by including the admin parameter in the account registration request, granting themselves administrative privileges.

HTTP Request Smuggling Overview

HTTP Request Smuggling occurs when an attacker exploits inconsistencies in how different web servers handle multiple HTTP requests sent in a single packet. This can lead to various types of attacks, including: HTTP Request Smuggling typically exploits the difference in interpretation of Content-Length and Transfer-Encoding headers between two servers. By carefully crafting HTTP requests, attackers

Hacking a WebServer – How?

When it comes to attacking web servers without any initial access, there are more ways than one may think of. Let’s start from the most common and go from there: 1. Web Application Vulnerabilities Issues within the application itself can be exploited remotely to possibly gain control or access backend systems. Vulnerabilities such as SQL

The Cipher Chronicles

In the shadowy corners of the cybersecurity world, there thrived a hacker known for his unique blend of digital prowess and physical stealth. This hacker, who went by the alias “Cipher,” specialized in an often-overlooked aspect of security: physical penetration testing. Cipher’s job was to break into buildings, not just networks, to expose vulnerabilities in

The Boredom Breaker

As the final bell rang, signaling the end of another mundane school day, Alex trudged out of the classroom, his backpack slung over his shoulder. The autumn sun cast long shadows across the schoolyard as he made his way home, kicking at stray leaves that littered the sidewalk. Chapter 1: A Routine Day Despite the