Web-based security threats are a popular topic and you can easily find related information, including on cross-site scripting and one of its important flavors, Blind XSS. However, although this information is usually delivered at a high level of detail, the description of the possible targets…
The Chronicles of DOM-based XSS
A brief overview of DOM-based XSS DOM-based XSS is a form of cross-site-scripting attack in which an attacker executes an attack vector through the modification of the browser’s Document Object Model (DOM) environment. Unlike stored (persistent) or reflected XSS variants, DOM-based XSS does not involve…
Cross-Site Scripting in HTTP Headers
What is XSS in HTTP Headers and How is it Different when Compared to Other XSS Attacks? When looking at various types of XSS attacks, we can easily identify the common pattern – it revolves around injecting malicious code into various areas of the HTML…
Finding the Source of a DOM-based XSS Vulnerability with Acunetix
DOM-based XSS involves the execution of a payload as a result of modifying the DOM inside the browser used by a client side script. Since the payload resides in the DOM, the payload may not necessarily be sent to the web server. This post covers…
Insider Threats: Dealing with the Enemy Inside
For companies, threats come from two sources—outside the organization and inside (reads: disgruntled, unethical employees). Insider threats can be very difficult to handle and the number of annual incidents is on the rise. The insider threat can come in several forms: Employees who steal intellectual…
BREACH attacks: Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext
BREACH attacks, abbreviated from Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext, are attacks similar to the CRIME attack. Both attacks are compression side channel attacks, however CRIME targets information compressed in HTTP requests through TLS compression, whilst BREACH targets information compressed in HTTP…
The importance of Internal Web Security Assessments
What do things look like on the outside? That’s the main focus we have as human beings. But beauty is only skin deep. As with relationships and leaked NSA documents, we quickly discover that what’s on the inside is just as, if not more, important….
Server Side Request Forgery (SSRF)
A Server Side Request Forgery (SSRF) attack gives an attacker the ability to use your web application to send requests to other applications running on the same machine, or to other servers which can be on the same or on a remote network. Since the…
Automatic detection of XXE vulnerabilities in OpenID implementations using Acunetix AcuMonitor
Reginaldo Silva recently uncovered a very interesting bug affecting Facebook (and received $33,500 for this discovery). The bug is caused by improper handling of XML documents in OpenID implementations causing XML External Entity Expansion vulnerabilities. He mentioned in his article that many OpenID implementations/libraries are…