The problem.... Recently, NVISO was tasked to do a penetration test on a web application that had very short authenticated sessions and that implemented anti CSRF tokens. This presented a unique challenge, as most of our automated tools and techniques had no reliable way of working as the base requests that were being used as … Continue reading Using Burp’s session Handling Rules to insert authorization cookies into Intruder, Repeater and even sqlmap
Firmware: the holy grail of most Internet of Things (IoT) security assessments! Sometimes, getting access to a device's firmware can be as easy as visiting the vendor's website. Other times, the only option is to dump it directly from the hardware, and this is where things get interesting. Some procedures used for dumping can expose … Continue reading Will they melt? Testing the resistance of flash memory chips
In the previous blog post "Optimize Elasticsearch for log collection - Part 1: reduce the number of shards", we have seen one solution to recover a cluster suffering from the "too many shards syndrome" by merging indices that were too small. In this article, we'll see how we can rely on latest Elasticsearch feature to … Continue reading Optimizing Elasticsearch – Part 2: Index Lifecycle Management
At first, it was just a simple team-building trip with less than ten participants. However, it became a tradition and year after year, more birds joined our nest and the trip grew bigger. After sharing stories and legends of previous years, both new joiners and veterans were waiting for the D-Day of this year’s famous … Continue reading The Birds Fly away!
TL;DR: Verified boot is a fundamental security technology and it is important to be able to experiment with it on easily accessible hardware. However, creating a Verified boot demo on a Raspberry Pi 3 is harder than it sounds. We set out to find resources on the internet. Unfortunately, some of these were outdated, others … Continue reading Enabling Verified boot on Raspberry Pi 3
Who’s the best at cracking cyber security puzzles? Students from all over Germany can register for the Cyber Security Rumble Germany, which is taking place for the first time at the University of Bonn. On the 13th & 14th of March 2019, an online preliminary challenge round will take place allowing teams, of up to … Continue reading Registration to the Cyber Security Rumble is now opened to students in Germany
In this post, we will illustrate how ee-outliers can be used to detect suspicious child processes. This can be a very helpful way of spotting malicious endpoint activity during our Threat Hunting activities. A few examples where detecting suspicious child processes could help us: Detection of a malicious Microsoft Word file spawning cmd.exe Detection of … Continue reading Detecting suspicious child processes using ee-outliers and Elasticsearch