pentesterconfessions.blogspot.com

Confessions of a Penetration Tester

This blog is mostly for my own archiving of vulnerabilities I have discovered and defensive techniques. Hopefully it will serve others as well.

http://pentesterconfessions.blogspot.com/

TRAFFIC RANK FOR PENTESTERCONFESSIONS.BLOGSPOT.COM

TODAY'S RATING

>1,000,000

TRAFFIC RANK - AVERAGE PER MONTH

BEST MONTH

December

AVERAGE PER DAY OF THE WEEK

HIGHEST TRAFFIC ON

Thursday

CUSTOMER REVIEWS

Average Rating: 4.2 out of 5 with 16 reviews
5 star: 9
4 star: 3
3 star: 3
2 star: 0
1 star: 1

LOAD TIME

0.7 seconds

CONTENT

SCORE

6.2

PAGE TITLE
Confessions of a Penetration Tester | pentesterconfessions.blogspot.com Reviews
META DESCRIPTION
This blog is mostly for my own archiving of vulnerabilities I have discovered and defensive techniques. Hopefully it will serve others as well.
META KEYWORDS
1 fusesoft
2 vulnerability management
3 assessment scheduling
4 faction
5 conclusion
6 posted by ascetik
7 0 comments
8 bin/bash
9 stop network manager
10 brctl addbr br0
KEYWORDS ON PAGE
fusesoft, vulnerability management, assessment scheduling, faction, conclusion, posted by ascetik, 0 comments, bin/bash, stop network manager, brctl addbr br0, sleep 5, dhclient br0, run your script, sudo /startap, mallory installation steps, cd mallory, strip encoding
SERVER
GSE
CONTENT-TYPE
utf-8
INTERNAL PAGES

pentesterconfessions.blogspot.com
1

Confessions of a Penetration Tester: September 2011

http://pentesterconfessions.blogspot.com/2011_09_01_archive.html

Confessions of a Penetration Tester. This blog is mostly for my own archiving of vulnerabilities I have discovered and defensive techniques. Hopefully it will serve others as well. DB2 SQL Injection : Select the Nth row without cursors. Select * from (. select * from systables order by name asc fetch first 1 rows only. As G order by name desc fetch first 1 rows only. Select * from (. select * from systables order by name asc fetch first 2 rows only. Select * from (. Select * from (.

2

Confessions of a Penetration Tester: June 2008

http://pentesterconfessions.blogspot.com/2008_06_01_archive.html

Confessions of a Penetration Tester. This blog is mostly for my own archiving of vulnerabilities I have discovered and defensive techniques. Hopefully it will serve others as well. There are a few different response handlers that you can set in the csrfguard.properties for CSRFGuard to automatically add your token to your html. They are: org.owasp.csrfguard.handlers.HTMLParserHandler. Will automatically parse the html response for urls to attach the csrf token. This is performed server side. Page langu...

3

Confessions of a Penetration Tester: March 2011

http://pentesterconfessions.blogspot.com/2011_03_01_archive.html

Confessions of a Penetration Tester. This blog is mostly for my own archiving of vulnerabilities I have discovered and defensive techniques. Hopefully it will serve others as well. All of this is cool and I can’t wait to make my own channel but the other really cool trick it can do is act as a network sniffer! The channel code is written in BrightScript which is completely new to me. It looks a lot, well exactly, like VB Script. I have never been a big fan of languages that don’t end lines i...I have just...

4

Confessions of a Penetration Tester: Roku hidden features.

http://pentesterconfessions.blogspot.com/2011/03/roku-hidden-features.html

Confessions of a Penetration Tester. This blog is mostly for my own archiving of vulnerabilities I have discovered and defensive techniques. Hopefully it will serve others as well. All of this is cool and I can’t wait to make my own channel but the other really cool trick it can do is act as a network sniffer! The channel code is written in BrightScript which is completely new to me. It looks a lot, well exactly, like VB Script. I have never been a big fan of languages that don’t end lines i...

5

Confessions of a Penetration Tester: May 2008

http://pentesterconfessions.blogspot.com/2008_05_01_archive.html

Confessions of a Penetration Tester. This blog is mostly for my own archiving of vulnerabilities I have discovered and defensive techniques. Hopefully it will serve others as well. Secure salt, for tasty hashes. Now I will sha256 it and get JLKyuoTkWpu1nKzx24By0G45ACAQg9XvJIAbYXT0mo8=. I do the same thing with the password being password2. Which equals vwXZcCYEybvlfdm1xwOXnrXo0sWX f634njY3SMVyaI=. One other thing I would like to point out is that if I could pre-calculate the entire space(salt password) t...

TOTAL PAGES IN THIS WEBSITE

18

LINKS TO THIS WEBSITE

thespanner.co.uk

RPO

http://www.thespanner.co.uk/2014/03/21/rpo

Javascript blog with messed up syntax inside. Friday, 21 March 2014. https://hackvertor.co.uk/public. Link href=styles.css rel=stylesheet type=text/css /. The link element above references style.css using a relative URL, depending where in the sites directory structure you are it will load the style sheet based on that. For example if you were in a directory called xyz then the style sheet would be loaded from xyz/style.css . I noticed something interesting with relative styles, manipulating the path of ...

thespanner.co.uk

mXSS

http://www.thespanner.co.uk/2014/05/06/mxss

Javascript blog with messed up syntax inside. Tuesday, 6 May 2014. Mutation XSS was coined by me and Mario Heiderich to describe an XSS vector that is mutated from a safe state into an unsafe unfiltered state. The most common form of mXSS is from incorrect reads of innerHTML. A good example of mXSS was discovered by Mario where the listing element mutated its contents to execute XSS. Listing <img src=1 onerror=alert(1)> /listing. Listing id=x <img src=1 onerror=alert(1)> /listing. If you try the above ve...

thespanner.co.uk

HTML scriptless attacks

http://www.thespanner.co.uk/2011/12/21/html-scriptless-attacks

Javascript blog with messed up syntax inside. Wednesday, 21 December 2011. Following up on @lcamtuf’s post about a “post xss” world. I thought I’d chip in with some vectors he missed. The textarea consumption technique he mentioned isn’t new and wasn’t invented by “Eric Y. Chen, Sergey Gorbaty, Astha Singhal, and Colin Jackson.” it was openly discussed on sla.ckers for many years (as usual) but anyway let’s discuss vectors. Button as a scriptless vector. Option as a scriptless vector. Another interesting...

thespanner.co.uk

MentalJS bypasses

http://www.thespanner.co.uk/2014/06/24/mentaljs-bypasses

Javascript blog with messed up syntax inside. Tuesday, 24 June 2014. I managed to find time to fix a couple of MentalJS bypasses by LeverOne and Soroush Dalili (@irsdl). LeverOne’s vector was outstanding since it bypassed the parsing itself which is no easy task. The vector was as follows:. I/'/ alert(location);0)break/ '). For (var i$i$; / '/ alert(location);0)break/ '). For (var i$;i$ / '/ alert(location);0)break/ '). The entry ' MentalJS bypasses. Feed Both comments and pings are currently closed.

thespanner.co.uk

XSS Auditor bypass

http://www.thespanner.co.uk/2015/02/10/xss-auditor-bypass

Javascript blog with messed up syntax inside. Tuesday, 10 February 2015. Script x = "MY INJECTION" /script. As every XSS hacker knows you can use a “ /script ” block to escape out of the script block and inject a HTML XSS vector. So I broke out of the script block and used the trailing quote to form my vector. Like so:. Script script alert(1) ". You could of course use a standard. But what if quotes are filtered? X = " /script svg script alert(1) "";. The entry ' XSS Auditor bypass. Comments are closed :(.

thespanner.co.uk

2015 June

http://www.thespanner.co.uk/2015/06

Javascript blog with messed up syntax inside. Archives for the Month of June, 2015. New IE mutation vector. Wednesday, 17 June 2015. I was messing around with a filter that didn’t correctly filter attribute names and allowed a blank one which enabled me to bypass it. I thought maybe IE had similar issues when rewriting innerHTML. Yes it does of course The filter bypass worked like this: img = script alert(1) /script The filter incorrectly assumed it was still inside […].

thespanner.co.uk

Security

http://www.thespanner.co.uk/category/security

Javascript blog with messed up syntax inside. Archives for the ‘Security’ Category. Earlier Entries ». New IE mutation vector. Wednesday, 17 June 2015. Comments Off on New IE mutation vector. How I smashed MentalJS. Sunday, 3 May 2015. Comments Off on How I smashed MentalJS. Friday, 6 March 2015. Comments Off on MentalJS DOM bypass. Another XSS auditor bypass. Thursday, 19 February 2015. This bug is similar to the last one I posted but executes in a different context. It requires an existing script a...

thespanner.co.uk

Online Javascript LAN scanner

http://www.thespanner.co.uk/2007/07/28/online-javascript-lan-scanner

Javascript blog with messed up syntax inside. Online Javascript LAN scanner. Saturday, 28 July 2007. I’ve really enjoyed making this tool, it started off as a port scanner then it evolved into a router scanner and now I’ve decided to accept any device on a LAN. The code now works on Firefox and IE7 (which was a pain), I haven’t managed to test it on any other browser so please leave a comment if you find any problems. IE7 is super quick to scan, I think this is because timed out connections don’t a...

thespanner.co.uk

java

http://www.thespanner.co.uk/category/java

Javascript blog with messed up syntax inside. Archives for the ‘java’ Category. Tuesday, 6 May 2014. In this post I will explore Java serialized applets and how they can be used for XSS. A serialized applet contains code that can be easily stored and loaded. Java supports an attribute called object which accepts a url to a serialized class file this allows us to load applets of our choosing provided they […]. Comments Off on Java Serialization. On Sandboxing and parsing jQuery in 100ms.

thespanner.co.uk

Java Serialization

http://www.thespanner.co.uk/2014/05/06/java-serialization

Javascript blog with messed up syntax inside. Tuesday, 6 May 2014. In order to create a serializable Java applet you need the following code (You also need to add plugin.jar to the class path):. Import java.applet.*;. Import netscape.javascript.*;. Public class XSS extends Applet implements java.io.Serializable {. Public void init() {. JSObject win = (JSObject) JSObject.getWindow(this);. Applet object="xss.ser" codebase="http:/ any url here containing the class and serialized data" /applet. Applet param ...

TOTAL LINKS TO THIS WEBSITE

26

OTHER SITES

pentester.ru

Social pentest

The Russian leader in computer crime investigation provides a full range of services for investigating information security incidents and computer crimes, from rapid incident response through to post-incident consulting. All rights reserved Group-IB 2013.

pentester.tips

Pentester Tips

http://www.darkoperator.com/. http://www.reddit.com/r/netsec. http://www.josho.org/. http://www.offense-in-depth.com/. http://www.paysw.com/. https://www.duosecurity.com/. My name is Joseph Pierini CISSP, PCI: QSA, PA-DSS, QSE. I am the Director of Technical Services for PSC's Security Lab. This is a quick page to share pen tester tips and resources I've collected from the InfoSec Community. My Latest Blog P. http://www.darkoperator.com/. http://www.reddit.com/r/netsec. PCI Security Standards Council.

pentesteracademy.com

Pentester Academy: Learn Pentesting Online

Best quality/price combo. Training material is well structured, practices after each section are great to help understanding the topic, exams are also great practical ones. You actually need to think and learn a bit to pass the exam, however the training covers enough details to pass them without much additional research. There are no pre-defined questions or answers. IT security specialist, Germany.

pentesteradacemy.net

Dyn Parked Domain Page

Dyn - Internet Performance. This domain is just sitting here. Waiting to become a unique experience shared with the world.

pentesterconfessions.blogspot.com

Confessions of a Penetration Tester

Confessions of a Penetration Tester. This blog is mostly for my own archiving of vulnerabilities I have discovered and defensive techniques. Hopefully it will serve others as well. Pen testing Collaboration with FuseSoft Faction. If you have not checked out FuseSoft Faction. Below shows how the vulnerability entry works from the web site. But you're not restricted to just using the website to enter vulnerabilities. There is some pretty robust burp suite integration. You can add vulnerabilities and ...For e...

pentesternotes.com

Pentester Notes - The Online Scraps of Paper

Kali Linux . Useful Commands. February 7, 2014 /. If you are not familiar with Kali Linux then this growing list of commands might be considered useful. Update Kali and Associated tools apt-get update & apt-get upgrade Starting Metasploit with DataBase support service postgresql start & service metasploit start Launching SET (Social Engineering Toolkit) setoolkit. Stop WordPress Changing your - to a single -. February 7, 2014 /. Metasploit SVN to GIT . It works this way. February 6, 2014 /. Ettercap is an...

pentesters.com

pentesters.com

pentesters.pl

IT security audit, penetration testing of applications, servers, networks, IT systems - Pentesters

We protect your information. Some experts believe that we know the security of information systems only to the extent that it has been tested. Penetration tests make it possible to check the actual level of information protection. In addition, penetration tests enable the identification of threats that could lead to a data leak, loss of availability or a failure of the IT network. The difference between a penetration test and a real attack is that over so-called ethical hacking we have complete...Penetration ...

pentesterscript.wordpress.com

Penetration Tester `s Script | which make life easy

Penetration Tester `s Script. Which make life easy. February 11, 2014. Skype resolver bash script. This is simple bash script which query skype username against http://resolveme.org/. And grab I.P. Wget https://raw2.github.com/niravkdesai/skypersolver.sh/master/skypersolver.sh. Skype resolver bash script. January 16, 2014. Bash script for checking HTTP headers for security. For checking http header for security perspective you can visit Security Headers. It will check for following header. December 9, 2013.

pentesterstudio.com

pentesterstudio.com - Registered at Namecheap.com

This domain is registered at Namecheap. This domain was recently registered at Namecheap. Please check back later! The Sponsored Listings displayed above are served automatically by a third party. Neither Parkingcrew nor the domain owner maintain any relationship with the advertisers.