Primary Content: Home

Introduction to Content Security Policy

Content Security Policy (CSP) is a built-in protection mechanism in web browsers that allows you to specify trusted sources for content such as JavaScript and allows you to block inline incudes. It can effectively stop attacks such as Cross-site Scripting and ClickJacking.

The settings are configured server side and given to the web browser via a server response header, the “Content-Security-Policy” header, here’s a simple example of one of these headers:

Content-Security-Policy: script-src 'self'; object-src 'self'

Continue reading: Introduction to Content Security Policy

SQL Injection Filter Evasion with sqlmap

Whenever I find a SQL injection vulnerability I always throw sqlmap at the injection point. It’s a simple, easy to use tools that will not only prove the vulnerability but allow you to extract data, gain command execution, and generally push further on with your penetration test. If I come across a filter or a web application firewall then I’ll habitually break out Burp Suite and start working on filter evasion manually, however there’s often a simpler way.

Continue reading: SQL Injection Filter Evasion with sqlmap

Adventures in Anti-Virus Evasion

Preamble

Anti-virus is often the last line of defense to users, the ability to bypass that system is a critical one for Penetration Testers but I’m still not comfortable in giving out a complete walk through as that kind of knowledge offers great advantage to attackers but little benefit to defenders. For me, that’s the ultimate test for ethics: are we assisting defense more than attack, if we are not then the tactic or system is dangerous. Tools like Veil-Evasion often makes evasion trivial the tool is well documented. I will present in this article my findings and research in anti-virus evasion, but will not offer a complete walk through of how to get a zero score on sites like virustotal.com. Consider this an adventure, not a guide.

Continue reading: Adventures in Anti-Virus Evasion