Discover and read the best of Twitter Threads about #websecurity
Most recents (14)
๐งต
1/ Get rid of complex, traditional backend servers while building your #websites.
According to @HTTPArchive, now more than 1% of ALL websites are based on the Jamstack architectural approach
๐
(image by C. Fayock)
#webapp #coding #developer #innovation
1/ Get rid of complex, traditional backend servers while building your #websites.
According to @HTTPArchive, now more than 1% of ALL websites are based on the Jamstack architectural approach
๐
(image by C. Fayock)
#webapp #coding #developer #innovation
2/ Whether you are an experienced or a novice web developer, your main, urgent goal is to avoid:
๐ขSlow loading times
๐Security vulnerabilities
๐Scaling issues
๐ตHeadaches
#webdev
๐ขSlow loading times
๐Security vulnerabilities
๐Scaling issues
๐ตHeadaches
#webdev
3/ The Jamstack is a way of building web applications that utilizes modern tools and technologies based on #JavaScript, #APIs, and Markdown (J.A.M. stack), in order to decouple the #frontend from the #backend
Learn to Hack
Over 27 Hours of Free Hacking Material
@TCMSecurity #websecurity #Pentesting
#Linux #OSINT #Python #bufferoverflow
#opsec #Hacking
Thread ๐๐งต
Over 27 Hours of Free Hacking Material
@TCMSecurity #websecurity #Pentesting
#Linux #OSINT #Python #bufferoverflow
#opsec #Hacking
Thread ๐๐งต
Practical Ethical Hacking
This course is a 12-hour introduction to the practical side of ethical hacking.The course is hands-on and will cover many foundational topics.
๐
This course is a 12-hour introduction to the practical side of ethical hacking.The course is hands-on and will cover many foundational topics.
๐
OSINT Fundamentals
This is a 4.5 hour course on open source intelligence (OSINT) tactics and techniques. It is designed to help students improve their investigative skills, research methodology, and personal OPSEC.
๐
This is a 4.5 hour course on open source intelligence (OSINT) tactics and techniques. It is designed to help students improve their investigative skills, research methodology, and personal OPSEC.
๐
Infra/App monitoring Tools-thread ๐๐ป
What is monitoring?
The purpose of IT monitoring is to determine how well your IT infrastructure and the underlying components perform in real time. The resolution gets quicker &smarter
#Linux #Monitoing #Security #infosec #ITJobs #Tools
What is monitoring?
The purpose of IT monitoring is to determine how well your IT infrastructure and the underlying components perform in real time. The resolution gets quicker &smarter
#Linux #Monitoing #Security #infosec #ITJobs #Tools
Type of monitoring:
1. Availability monitoring:ย this is designed to provide users with information about uptime and the performance of whatever is being monitored.
2. Application performance management (APM): Using APM solutions, businesses can monitor
1. Availability monitoring:ย this is designed to provide users with information about uptime and the performance of whatever is being monitored.
2. Application performance management (APM): Using APM solutions, businesses can monitor
whether their IT environment meets performance standards, identify bugs and potential issues, and provide flawless user experiences via close monitoring of IT resources.
3. Security monitoring:ย Security monitoring is designed to observe a network for breaches or
3. Security monitoring:ย Security monitoring is designed to observe a network for breaches or
๐ก๐๐ก๐๐ญ ๐๐ซ๐ ๐๐๐๐ฌ?๐ก
If you work with APIs, you've probably come across JWTs. JWT stands for ๐๐๐๐ ๐๐๐ ๐๐จ๐ค๐๐ง, and it's a JSON document that contains information about a user. We call the properties of a JWT claims.
๐งต๐งต๐งต๐งต
1/
#API #jwt #auth #WebSecurity
If you work with APIs, you've probably come across JWTs. JWT stands for ๐๐๐๐ ๐๐๐ ๐๐จ๐ค๐๐ง, and it's a JSON document that contains information about a user. We call the properties of a JWT claims.
๐งต๐งต๐งต๐งต
1/
#API #jwt #auth #WebSecurity
There're two types of JWTs:
๐ ๐๐ ๐ญ๐จ๐ค๐๐ง๐ฌ are tokens carrying user-identifying data like their name and email. You should ๐๐๐๐๐ use an ID token to validate access to an API.
๐ ๐๐๐๐๐ฌ๐ฌ ๐ญ๐จ๐ค๐๐ง๐ฌ are tokens with claims about the right to access an API.
2/
๐ ๐๐ ๐ญ๐จ๐ค๐๐ง๐ฌ are tokens carrying user-identifying data like their name and email. You should ๐๐๐๐๐ use an ID token to validate access to an API.
๐ ๐๐๐๐๐ฌ๐ฌ ๐ญ๐จ๐ค๐๐ง๐ฌ are tokens with claims about the right to access an API.
2/
We use access tokens to validate access to an API.
A JWT has three components: header, payload, and signature
๐
๐ธ ๐๐๐๐๐๐ซ: it identifies the document as a JWT and contains metadata, such as the algorithm and the key ID used to sign the token.
3/
A JWT has three components: header, payload, and signature
๐
๐ธ ๐๐๐๐๐๐ซ: it identifies the document as a JWT and contains metadata, such as the algorithm and the key ID used to sign the token.
3/
#SecurityExplained S-61: CWE-787: Out-of-bounds Write
The Out-of-bounds Write is a software security vulnerability that occurs when the data is written beyond the boundaries (i.e. past the end, before the beginning) of the intended buffer.
1/n
The Out-of-bounds Write is a software security vulnerability that occurs when the data is written beyond the boundaries (i.e. past the end, before the beginning) of the intended buffer.
1/n
2/n
This weakness is also listed in the CWE TOP 25 (2021). This has been given the CWE ID as CWE-787
- This vulnerability could result in buffer overflows, memory corruption, the crash of the software or even a code execution.
This weakness is also listed in the CWE TOP 25 (2021). This has been given the CWE ID as CWE-787
- This vulnerability could result in buffer overflows, memory corruption, the crash of the software or even a code execution.
3/n
As per the cwe.mitre.org, The software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.
As per the cwe.mitre.org, The software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.
#SecurityExplained S-60: Introduction to CWE
According to the official description, the CWEโข (Common Weakness Enumeration) is a community-developed list of software and hardware weakness types.
[1/n๐งต]
#AppSec #infosec #websecurity #cybersecurity #bugbountytips #Pentesting
According to the official description, the CWEโข (Common Weakness Enumeration) is a community-developed list of software and hardware weakness types.
[1/n๐งต]
#AppSec #infosec #websecurity #cybersecurity #bugbountytips #Pentesting
2/n
It serves as a common language, a measuring stick for security tools, and as a line for weakness identification, mitigation, and prevention efforts. The list includes more than 924 Common Weaknesses in Software & Hardware.
It serves as a common language, a measuring stick for security tools, and as a line for weakness identification, mitigation, and prevention efforts. The list includes more than 924 Common Weaknesses in Software & Hardware.
3/n
There are multiple options available to look for a CWE such as:
- By Software Development
- By Hardware Design
- By Research Concepts
- External Mappings such as (CWE TOP 25, OWASP TOP 10, Software Fault Pattern Cluster and more)
There are multiple options available to look for a CWE such as:
- By Software Development
- By Hardware Design
- By Research Concepts
- External Mappings such as (CWE TOP 25, OWASP TOP 10, Software Fault Pattern Cluster and more)
#SecurityExplained S-59: Ruby ERB SSTI
Server-Side Template Injection (SSTI) vulnerabilities occur when user-supplied data is inserted into a template and insecurely evaluated as an expression by the template engine.
#appsec #bugbountytips
[1/n ๐งต]
Server-Side Template Injection (SSTI) vulnerabilities occur when user-supplied data is inserted into a template and insecurely evaluated as an expression by the template engine.
#appsec #bugbountytips
[1/n ๐งต]
This may allow an attacker to trick the template engine into evaluating an expression that could allow an attacker to execute system commands or get a shell
To look for template injection vulnerability, it is essential to enumerate and know if the template engine is in use.
2/n
To look for template injection vulnerability, it is essential to enumerate and know if the template engine is in use.
2/n
3/n
If the application uses a template engine, the next thing is to know what language-based template injection is used and what all classes and methods are accessible that could be chained together to perform the desired action.
If the application uses a template engine, the next thing is to know what language-based template injection is used and what all classes and methods are accessible that could be chained together to perform the desired action.
Web Pentesting Resources:
hacker101.com
alphacybersecurity.tech/ten-books-to-sโฆ
pentesteracademy.com/course?id=5
sans.org/cyber-securityโฆ
pentesterlab.com/exercises/web_โฆ
elearnsecurity.com/course/web_appโฆ
cybrary.it/course/web-appโฆ
pentest-tools.com
#websecurity #cybersecurity #infosec #bugbounty
hacker101.com
alphacybersecurity.tech/ten-books-to-sโฆ
pentesteracademy.com/course?id=5
sans.org/cyber-securityโฆ
pentesterlab.com/exercises/web_โฆ
elearnsecurity.com/course/web_appโฆ
cybrary.it/course/web-appโฆ
pentest-tools.com
#websecurity #cybersecurity #infosec #bugbounty
*Simple list of bugs for testing*
#bugbounty #bugbountytips #websecurity
[+] Cache Poisoning
[+] Cash Overflow
[+] Clickjacking
[+] Command injection attacks
[+] Comment Injection Attack
[+] Content Security Policy
[+] Content Spoofing
[+] Credential stuffing
#bugbounty #bugbountytips #websecurity
[+] Cache Poisoning
[+] Cash Overflow
[+] Clickjacking
[+] Command injection attacks
[+] Comment Injection Attack
[+] Content Security Policy
[+] Content Spoofing
[+] Credential stuffing
[+] Cross Frame Scripting
[+] Cross Site History Manipulation (XSHM)
[+] Cross Site Tracing
[+] Cross-Site Request Forgery (CSRF)
[+] Cross Site Port Attack (XSPA)
[+] Cross-Site Scripting (XSS)
[+] Cross-User Defacement
[+] Custom Special Character Injection
[+] Cross Site History Manipulation (XSHM)
[+] Cross Site Tracing
[+] Cross-Site Request Forgery (CSRF)
[+] Cross Site Port Attack (XSPA)
[+] Cross-Site Scripting (XSS)
[+] Cross-User Defacement
[+] Custom Special Character Injection
[+] Denial of Service
[+] Direct Dynamic Code Evaluation (Eval Injection)
[+] Execution After Redirect (EAR)
[+] Exploitation of CORS
[+] Forced browsing
[+] Form action hijacking
[+] Format string attack
[+] Full Path Disclosure
[+] Function Injection
[+] Host Header injection
[+] Direct Dynamic Code Evaluation (Eval Injection)
[+] Execution After Redirect (EAR)
[+] Exploitation of CORS
[+] Forced browsing
[+] Form action hijacking
[+] Format string attack
[+] Full Path Disclosure
[+] Function Injection
[+] Host Header injection
#learn365 Common Business Logic Issues: Part-1
I'll try to cover some of the interesting business logic flaws that I usually test and have encountered so far today & in the next couple of days. Feel free to add more if you know any.
#bugbountytips #appsec #websecurity
(1/n)
I'll try to cover some of the interesting business logic flaws that I usually test and have encountered so far today & in the next couple of days. Feel free to add more if you know any.
#bugbountytips #appsec #websecurity
(1/n)
(2/n)
1. Review Functionality
- Some applications have an option where verified reviews are marked with some tick or it's mentioned. Try to see if you can post a review as a Verified Reviewer without purchasing that product.
1. Review Functionality
- Some applications have an option where verified reviews are marked with some tick or it's mentioned. Try to see if you can post a review as a Verified Reviewer without purchasing that product.
(3/n)
- Some app provides you with an option to provide a rating on a scale of 1 to 5, try to go beyond/below the scale-like provide 0 or 6 or -ve.
- Try to see if the same user can post multiple ratings for a product. This is an interesting endpoint to check for Race Conditions.
- Some app provides you with an option to provide a rating on a scale of 1 to 5, try to go beyond/below the scale-like provide 0 or 6 or -ve.
- Try to see if the same user can post multiple ratings for a product. This is an interesting endpoint to check for Race Conditions.
Preventing Cross-Site Request Forgery(CSRF) attacks - auth0.com/blog/cross-sitโฆ
#security #websecurity #sec #infosec
#security #websecurity #sec #infosec
what is Cross-Site Request Forgery?
it is a type of attack performed on web apps in order to carry out a malicious action without user's explicit consent.
these 'malicious actions' could be anything. for example: changing email address, personal information etc
#websecurity
it is a type of attack performed on web apps in order to carry out a malicious action without user's explicit consent.
these 'malicious actions' could be anything. for example: changing email address, personal information etc
#websecurity
how it is performed?
* attacker leads the user to perform an action(through email, website etc)
* attacker makes a request on behalf of the user(by using a hidden form, for example)
* vulnerable website sees it as a genuine action(by verifying session cookie)
#CodeNewbie
* attacker leads the user to perform an action(through email, website etc)
* attacker makes a request on behalf of the user(by using a hidden form, for example)
* vulnerable website sees it as a genuine action(by verifying session cookie)
#CodeNewbie
OWASP Mitigation : P1
Authentication and session management :
- Make usernames, passwords and authentication data case sensitive and unique for each user
#infosec #websecurity #owasp
Authentication and session management :
- Make usernames, passwords and authentication data case sensitive and unique for each user
#infosec #websecurity #owasp
Password auditing:
- Use complex password policy: upper and lower cases with special characters
- Long phrases are better to use instead of a regular complex password because they are unique and easy to remember
- Forbid the use of common passwords i.e password123
- Use complex password policy: upper and lower cases with special characters
- Long phrases are better to use instead of a regular complex password because they are unique and easy to remember
- Forbid the use of common passwords i.e password123
- Use Multifactor authentication [MFA]
- Use strong hashing algorithm such as SHA-2, bcrypt
- Limit session expiration time
- Use generic error messages for incorrect login attempts to avoid revealing information an attacker can useduring their enumeration process
- Use strong hashing algorithm such as SHA-2, bcrypt
- Limit session expiration time
- Use generic error messages for incorrect login attempts to avoid revealing information an attacker can useduring their enumeration process
In a second order SQL injection, an application takes a user input from an HTTP request and stores it for future retrieval. It is two parts injection
#HTB #infosec #websecurity
#HTB #infosec #websecurity
An example of this would be a vulnerable application that has "sign up" page and "login page". The sign up page would be used to send POST requests to store data in the db in a form of SQL query and the login page would be used to send different POST requests to retrieve thedata
@LissanonCedric actually, no both requests are POST requests. That was a typo, I fix it . Thanks for bring it up ๐
Same Origin Policy is a web security concept that allows browsers to prevent loading scripts from different sources or reading cookies and session data remotely. It helps to prevent basic XSS and CSRF attacks #websecurity #infosec
An origin consists of a URIย scheme://+hostย nameย + port number
Ex:ย example.com:8080
*If no port is given, it will be given the default port of the scheme. HTTP is 80 and HTTPS is 443
Ex:ย example.com:8080
*If no port is given, it will be given the default port of the scheme. HTTP is 80 and HTTPS is 443
This policy allows browsers to load and read data from the scope of the same origin only
Ex:ย company.comย as an origin can load scripts and read data only from pages that have the same origin asย http:// company.comย orย company.com/dir/
Ex:ย company.comย as an origin can load scripts and read data only from pages that have the same origin asย http:// company.comย orย company.com/dir/
