
About the Author:

Dawid Czagan (@dawidczagan) has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter, BlackBerry and other companies. Due to the severity of many bugs, he received numerous awards for his findings. Dawid is founder and CEO at Silesia Security Lab, which delivers specialized security auditing services with a results-driven approach. He also works as Security Architect at Future Processing. Dawid shares his bug hunting experience in his workshop entitled "Hacking web applications - case studies of award-winning bugs in Google, Yahoo, Mozilla and more". To find out about the latest in Dawid's work, you are invited to visit his blog (https://silesiasecuritylab.com/blog) and follow him on Twitter (@dawidczagan).

Testing for SQL Injection with sqlmap

1. Introduction

This article introduces sqlmap and shows how it can be used to detect and exploit SQL injection vulnerabilities.

2. SQL injection

This vulnerability allows the attacker to modify an SQL […]

Cookies with Secure Flag: Undesired Behavior in Modern Browsers

Introduction

When a cookie has the secure flag set, it will only be sent over HTTPS, which is HTTP over SSL/TLS. This way, the authentication cookie will not be disclosed […]

Effective Risk Reduction

1. Introduction

Risk reduction is often associated with prevention only. Effective security, however, also needs detection and response. Those three (prevention, detection, response) are the fundamental pieces of the process […]

Qualitative Risk Analysis with the DREAD Model

1. Introduction

This article introduces two types of risk analysis (quantitative, qualitative) and presents how to perform qualitative risk analysis with the DREAD model. Finally, the Common Vulnerability Scoring […]

Cookies with HttpOnly Flag: Problem in Some Browsers

1. Introduction

When a cookie has the HttpOnly flag set, JavaScript cannot read it in case of XSS exploitation. This is actually the reason why the HttpOnly flag was introduced. As […]

Securing Cookies with HttpOnly and secure Flags

1. Introduction

Securing cookies is an important subject. Think about an authentication cookie. When the attacker is able to grab this cookie, he can impersonate the user. This article describes […]

The Importance of Session Regeneration

1. Introduction

Users of web applications are recognized by session IDs. That’s why it’s obvious that session management is an important subject. Session management flaws are related to weaknesses in […]

Session Randomness Analysis with Burp Suite Sequencer

1. Introduction

Users of web applications are identified by session IDs. An attacker can impersonate users when generated sessions are predictable. This article introduces Burp Suite Sequencer and shows […]

From CSRF to Unauthorized Remote Admin Access

1. Introduction

The intention of this article is to show how dangerous a cross-site request forgery (CSRF) vulnerability can be. It will be presented for the D-Link DIR-600 router (Hardware […]

Non-repudiation and digital signature

1. Introduction

Non-repudiation is a much desired property in the digital world. This article describes that property and shows how it can be achieved by using digital signatures.

2. Defining the […]

Attacking LAN hosts with ARP spoofing

1. Introduction

This article introduces the OSI model of internet communication, and describes ARP spoofing. It’s used to attack hosts in a Local Area Network (LAN). Passive and active sniffing […]

Fuzzing for SQL injection with Burp Suite Intruder

1. Introduction

This article introduces Burp Suite Intruder and shows how it can be used for SQL injection fuzzing.

2. Burp Suite Intruder

It is a part of Burp Suite, which is […]

Quantitative Risk Analysis

1. Introduction

The goal of risk management is to deliver optimal security at a reasonable cost. This article introduces quantitative risk analysis. It also describes cost/benefit analysis, risk handling, […]

Understanding Session Fixation

1. Introduction

A session ID is used to identify the user of a web application. It can be sent with the GET method. An attacker can send a link to the […]

Symmetric and Asymmetric Encryption

1. Introduction

This article explains how symmetric and asymmetric encryption work. It also describes how to build a secure mail system using these two types of encryption.

2. Symmetric Encryption

Let’s assume […]

CSRF Proof of Concept with OWASP ZAP

1. Introduction

This article introduces CSRF (cross-site request forgery) vulnerability and demonstrates how to prepare a CSRF proof of concept with OWASP ZAP.

2. Cross-site request forgery

The vulnerability allows an […]

Online Dictionary Attack with Hydra

1. Introduction

When an attacker wants to learn credentials for an online system, he can use brute force or a dictionary attack. This article introduces these two types of attack […]

Using Hashes in Computer Security

1. Introduction

Hashes are often used in computer security. This article presents how data integrity, authenticated data integrity and non-repudiation can be achieved using hashes. Finally it shows how to […]

One-time passwords with token

1. Introduction

One-time passwords are used to achieve higher security than traditional static passwords. They’re often generated by tokens. This article presents how tokens (synchronous and asynchronous) can be used […]

Common Vulnerability Scoring System

1. Introduction

This article presents an open framework for scoring IT vulnerabilities: the Common Vulnerability Scoring System (CVSS) Version 2.0. It introduces metric groups, describes base metrics, vector, and scoring. […]