DigiNinja

Adding VLANs to the GNS3/VirtualBox Lab

By: DigiNinja
In this post I show how to add VLANs to the lab and how to move between them on the switch. I then show what can happen if you get on to a trunk port and get to control your own VLAN tagging.

A write up of my recent experiences of getting clients involved during testing.

By: DigiNinja

dotnetsheff Headers and Cookies Slides

By: DigiNinja
A copy of the slides from my dotnetsheff talk on HTTP security headers and cookies.

Here is a little trick I just learned about to help prevent things like API keys from ending up in your Git repo. I've mentioned it to a few Git loving developers who all claimed that it is obvious and that loads of people are already using it, but, as we

By: DigiNinja
Here is a little trick I just learned about to help prevent things like API keys from ending up in your Git repo. I've mentioned it to a few Git-loving developers who all claimed that it is obvious and that loads of people are already using it, but, as we regularly see keys in GitHub, I'd guess that it's a case of what people know they should be doing versus what they are actually doing. The trick uses Git hooks to catch content pre-commit and block anything that it thinks is suspicious.

A modular brute force tool currently supporting HTTP(S), MySQL and SSH.

By: DigiNinja
A modular brute force tool currently supporting HTTP(S), MySQL and SSH. Written in Ruby and designed to be easily extendable by using off the shelf protocol libraries.

A walkthrough of my vuLnDAP project

By: DigiNinja
This is a full walk through detailing how I would go through my challenge. There are probably plenty of other ways this can be done so don't take this as the only or best. If you do have a better way, please let me know.

A 101 on domain fronting along with some examples.

By: DigiNinja
Domain fronting has been around for years and I've always understood the concept but never actually looked at exactly how it works. That was until recently when I did some work with Chris Truncer who had us set it up as part of a red team test. That was the point I had to get down and understand the actual inner workings. Luckily Chris is a good teacher and the concept is fairly simple when it is broken down into pieces.

Write up of my efforts to track down what turned out to be an accidental DoS against my Gmail account.

By: DigiNinja
If anyone was watching my Twitter feed over the last few days you'll have seen me complaining about my Gmail account being down. It wasn't down completely, I could still access the web interface and read all old mails but hadn't had any new emails in since 4AM on Thursday. I have various other mail accounts, some Gmail, some not, so I tried sending myself mails from those accounts to see if things were broken or whether I had just become very unpopular. None of the mails got through. I also tested sending emails out and none of those worked either so there was definitely a problem. By Friday lunchtime I'd had a couple of mails but nothing much so I figured I'd better do some digging and get it fixed.

Using HTTP pipelining to hide requests.

By: DigiNinja
In this post I'm going to discuss using HTTP pipelining to hide malicious HTTP requests. This is not domain fronting but uses similar techniques to get the same result, an observer who is not able to perform TLS interception is only able to see the "good" request which conceals the "bad" request.

I recently decided it was time to learn how to test WebSockets and so decided to take the opportunity to learn a bit about how ZAP works. This two part blog post covers a brief intro to ZAP and how it interacts with WebSockets and then looks in depth at ho

By: DigiNinja
With the slow uptake of HTML5, WebSockets are going to start being seen in more and more applications so I figured I'd better learn how to test them before being put in front of them on a client test and having to learn as I went along. I figured the best way to do this was to build a very simple application then throw in a proxy and see what happened. Unfortunately my proxy of choice, Burp Suite, currently doesn't handle WebSockets so I had to look for one that did. The only one, and this is their claim, that does is the OWASP Zed Attack Proxy, or ZAP for short. I'd been meaning to learn how to use it for a while so this seemed like the perfect opportunity. If anything in here is wrong, please get in touch and I'll fix it, I'm learning as I go along so may well be doing the odd thing wrong however it does all seem to work. I started by writing a small WebSocket based app which I called SocketToMe which has a few basic services, chat, a number guess game and a couple of other features. I figured I'd start with interception then have a look at fuzzing.

Integrating GNS3 and VirtualBox - This is the first part of a series integrating GNS3 and VirtualBox to build a lab to play with layer 2 attacks

By: DigiNinja
Having come from a development background rather than a sys-admin one, my knowledge of layer 2 is not as good as I'd like it to be so I've decided to do something about it. I've always been interested in VLANs and the idea of bypassing them so thought that would be a good place to start. This is the first part of a series building a lab to test out different layer 2 attacks.

NoSQLi Lab

By: DigiNinja
With the rise in popularity of NoSQL I figured it was time to build a lab so I could have a play with the different techniques used to attack them. This was the result...

Are secure web frameworks reducing long term security?

By: DigiNinja
Why I think developers should always think about security, even when someone else is taking care of it for them.

A short howto on removing the obfuscation added to non-default passwords by Nessus.

By: DigiNinja

Automating searching through MSSQL databases for interesting data.

By: DigiNinja
Automating looking through MSSQL databases to find interesting sounding column names. Once found automating pulling back some sample data to give a feel as to whether it is worth investigating.

#secvidofday

By: DigiNinja
What is #secvidofday and why am I doing it?

Windows RDP client, show login page

By: DigiNinja
A short howto on getting the Windows RDP client to show the server login page rather than ask for credentials itself

The plagiarism of Christian Bruhin

By: DigiNinja
There is lots of plagiarism that goes on on the internet, unfortunately for Christian, he decided that he was happy to do it and accepted the risks it created.

Are signs of the zodiac used as passwords?

By: DigiNinja
I was wondering why dragon and monkey come up so often in Pipal analysis of password lists and it got me wondering if it was to do with Chinese signs of the zodiac so just as an experiment I've just added checking for both Western and Chinese zodiac signs to Pipal. I ran it against the 1 million eHarmony passwords I've got and it looks like they do play a small part in some people's passwords.