Browsing latest articles
Browse All 17 View Live

You’re not looking at the big picture

When serving image assets, many web developers find it useful to have a feature that scales the image to a size specified in a URL parameter. After all, bandwidth is expensive, latency is killing the...



Detecting ImageTragick with Burp Suite Pro

After ImageTragick (CVE-2016-3714) was published, we immediately started thinking about detecting it with Burp, which we usually use for web application testing. Although collaborator would be a...



Beyond detection: exploiting blind SQL injections with Burp Collaborator

It’s been a steady trend that most of our pentest projects revolve around web applications and/or involve database backends. The former part is usually made much easier by Burp Suite, which has a...


Snow cannon vs. unique snowflakes — testing registration forms

Many of the web application tests we conducted had a registration form in the scope. In such cases, there’s usually a field that needs to be unique for each invocation, sometimes called username, in...


The curious case of encrypted URL parameters

As intra-app URLs used in web applications are generated and parsed by the same code base, there’s no external force pushing developers towards using a human-readable form of serialization. Sure, it’s...



Unix-style approach to web application testing

SANS Institute accepted my GWAPT Gold Paper about a Unix-style approach to web application testing; the paper is now published in the Reading Room. The paper introduces several problems I’ve been facing...


Uninitialized Memory Disclosures in Web Applications

While we at Silent Signal are strong believers in human creativity when it comes to finding new or unusual vulnerabilities, we’re also constantly looking for ways to transform our experience into...


Tips and scripts for reconnaissance and scanning

Renewal paper of my GIAC Web Application Penetration Tester certification: Tips and scripts for reconnaissance and scanning



Our new tool for enumerating hidden Log4Shell-affected hosts

Log4Shell, formally known as CVE-2021-44228, seems to be the next big vulnerability that affects a huge number of systems, and the affected component, Log4j, gets involved in logging untrusted data by...



Our new scanner for Text4Shell

Some say, CVE-2022-42889 is the new Log4Shell, for which we developed our own tool to enumerate affected hosts back in 2021. Others like Rapid7 argue that it may not be as easy to exploit like...
