❌
There are new articles available, click to refresh the page.
Before yesterdayDigiNinja

Using HTTP pipelining to hide requests.

19 May 2002 at 15:21
In this post I'm going to discuss using HTTP pipelining to hide malicious HTTP requests. This is not domain fronting but uses similar techniques to get the same result, an observer who is not able to perform TLS interception is only able to see the "good" request which conceals the "bad" request.

A 101 on domain fronting along with some examples.

19 May 2002 at 15:21
Domain fronting has been around for years and I've always understood the concept but never actually looked at exactly how it works. That was until recently when I did some work with Chris Truncer who had us set it up as part of a red team test. That was the point I had to get down and understand the actual inner workings. Luckily Chris is a good teacher and the concept is fairly simple when it is broken down into pieces.

Protecting against XSS in SVG

19 May 2002 at 15:21
A client had the requirement to allow users to upload SVG files to their web app, these files then had to be displayed. As SVG files can contain JavaScript and can be used for Cross-Site Scripting attacks, I had to do some investigating to find ways to allow them to do what they wanted safely.

A walkthrough of my vuLnDAP project

19 May 2002 at 15:21
This is a full walk through detailing how I would go through my challenge. There are probably plenty of other ways this can be done so don't take this as the only or best. If you do have a better way, please let me know.

New tool, Sitediff

19 May 2002 at 15:21
Imagine the scenario, you are testing a site running an open source package but not sure what version and need to find out. The site does not include any helpful comments in the HTML and there is no README file. The package isn't a popular one so none of the regular fingerprinting apps recognise it, what can you do? Call in Sitediff, it takes a local directory of files and then requests each of them from the target site and reports back on what it finds.
❌
❌