Automated monitoring of subdomains for fun and profit — Release of Sublert

Bug bounty has become a fast-growing industry, with programs launching almost daily and bringing with them fierce competition among hackers. It’s a sort of monetized race which revolves around being the first one to report a bug: first come, first served. Therefore, it’s essential to step up your game and try to stay ahead. Learning and expanding your skill set is one way to do it, but improving your testing methodology is also quite important, and polishing your reconnaissance, for instance, is surely going to help a bunch.

OWASP Top 10 Application Security Risks: 2013 vs 2017

The Open Web Application Security Project (OWASP) is a global, nonprofit organization aiming to improve the security of applications and raise awareness of secure coding practices. They create new tools for both individuals and organizations, and build practical, knowledge-based documentation for the security community.

5 New Threats Every Organization Should be Prepared for in 2018

It is no wonder that 2017 was a year full of surprises in the world of cybersecurity. So far in 2018, we’ve seen new threats appear, and relatively older ones evolve. The digital threats confronted by companies large and small are in perpetual flux, and cybercriminals are continually discovering new ways and techniques to step up their game. As a result, it is crucial for organizations to stay one step ahead by keeping an eye on things and sharpening their defenses to stop future threats.

Best Practices for Web Browser Security

Web browsers are commonly used software applications for accessing web resources and pages over the Internet. A browser can also be used to access information provided by web servers in private networks or files in file systems.

Top 10 Ethical Hacking Interview Questions

Recent major cybersecurity breaches have urged organizations to recruit infosec professionals skilled in ethical hacking. Ethical hacking is not a typical job, as it does not require a college diploma. All you need is a good understanding of computers, software and decent hacking skills. Ethical hacking is another term for penetration testing, commonly referred to as pentesting.

Average CASP Salary in 2017

The current cybersecurity landscape requires specialized and validated skills to proactively mitigate future security threats. Certifications like the CASP provide credibility when it comes to demonstrating job competencies to employers, and can unlock advanced opportunities in the IT world.

CORS Exploitation: Data exfiltration when allowed origin is set to NULL

The present article discusses a particular case of exploiting CORS misconfigurations which I stumbled across during a security audit, so I had to dig and research it in order to finalize a working proof of concept for the client. If you do not have knowledge of this matter, I would advise you to first read my previous article in this regard, which you can find here.

A tale of three bug bounties

I have lately been shiftless regarding publishing, and my recent articles on Infosec Institute were more descriptive than technical. Thus, I decided to write this blog post about three interesting security vulnerabilities I discovered in three programs: (1) PayPal; (2) and (3) are private programs on HackerOne that I will not be disclosing. The security flaws will be in the following order:

Everything to know about EC-Council, CEH and LPT

The International Council of E-Commerce Consultants, also known as EC-Council, is a cyber security technical certification organization supported by its members. EC-Council has headquarters located in Albuquerque, New Mexico, but also operates in over 130 countries globally.

Penetration Tester – Resume and Interview Questions

Looking for a job as a penetration tester? If so, this article is for you. Searching for a job is a process which can sometimes be a lengthy one as it involves drawing on skills you have developed over time. You can successfully find a job as a penetration tester, but it will take a reasonable investment of time and energy.

Penetration Testing – Jobs, Certifications, Tools, and More

As technologies have increasingly advanced over the past few years, more complex cyber attacks have also emerged. Thus, data security has become the need of the hour as far as using these latest technologies is concerned. Penetration testing is not only an integral part of a security review process for any organization, but also a compliance obligation for standards like PCI-DSS.

Mozilla SUMO cache poisoning and open redirect

The present article covers a security vulnerability I previously discovered in one of Mozilla's web services. The discovery goes back to April 2016, a period in which I was enrolled in a bug bounty challenge with two of my friends. The challenge was quite competitive and each one of us had a pretty productive month. It is a recommended method for my bug hunting fellows in order to stay motivated and boost their productivity.

Two security flaws in Microsoft online web services

This article is reserved for disclosing the two security vulnerabilities I discovered in Microsoft web services. As you may know, Microsoft has started offering monetary rewards that range from $500 USD up to a maximum of $15,000 USD. So, without any kind of bullshit, making some quick cash was my main motivation this time, especially since I am already listed in their Hall of Fame twice, but that was before they officially launched their bug bounty program.

Security impact of a misconfigured CORS implementation

It has been quite some time since I blogged about anything new, so I hope this blog post is sufficient to make up for my inactivity 🙂 It is also worth mentioning that this vulnerability has earned me quite a few good rewards from bug bounty programs.

Price manipulation vulnerability in e-commerce platforms

The tremendous increase in online transactions and the development of e-commerce in the world has been accompanied by an equal rise in the number and type of attacks against the security of online payment systems, from SQL injection vulnerabilities that target databases to XSS (Cross-Site Scripting) flaws aiming to hijack users’ sensitive information (session cookies, CSRF tokens, etc.). However, this article will focus on another type of issue that I have come across multiple times in different platforms while doing security testing. We will essentially talk about the price manipulation vulnerability, which is almost completely unique to online shopping carts and payment gateways.

Neglected DNS records exploited to takeover subdomains

In this write-up I will be talking about a security issue identified in the Redbooth platform, which « is a communication and collaboration platform that provides a single place for shared tasks, discussions, file sharing, and more. » – Read more at: https://www.crunchbase.com/organization/redbooth
