Img source: https://portswigger.net/web-security/cross-site-scripting

XSS (Cross-Site Scripting) is one of the most common classes of web vulnerabilities. It allows an attacker to embed malicious code in a page served by a web application. Attacks using the XSS vector allow embedding arbitrary content in the page, intercepting the cookies and sessions of other users, gaining access to restricted sections of the site, and even obtaining administrator privileges on the web resource.

There are several types of XSS:

  • Stored. The malicious code is stored on the server and delivered from it every time a user requests a particular page. Stored XSS most often appears where user input is neither filtered nor validated before being saved on the server: forums, blogs, chats, server logs, etc. For example, the script <img src=”http://exmple.com …


When developing or supporting web applications, at some point you have to deal with the need to use a WAF (Web Application Firewall). If you have no experience with this class of solutions, or you are tired of constant false positives, I will show how to simplify the task and share some tips and tricks. As the tool, we will use Nemesida WAF Free, the free version of Nemesida WAF.

Visualization, or let’s start from the end

You can monitor the operation of Nemesida WAF Free through a browser, so after a short setup of the system we will get access to a web interface that provides information about blocked attacks, the reasons for blocking, information about IP addresses, etc. In addition, there are sections with summary statistics in the form of graphs, charts and traffic data from the VTS module (if it is used). …



Today, let’s look at how to test the security of a company’s wireless network relatively inconspicuously. The Raspberry Pi, which supports installing Kali Linux, will be used as the basis. Installing the distribution is quite simple:

  • Download the official image from kali.org;
  • Write it to an SD card using Win32image on Windows or Gparted on Linux;
  • Boot the Raspberry Pi with the prepared SD card inserted.

After installation, you can optionally update packages if updates are available, but nothing else is required for it to work properly. The required memory card size is 8Gb or higher. …



Web application vulnerabilities appear when developers add unsafe code to a web application. This can happen both during initial development and while finalizing the application or fixing previously found vulnerabilities. Vulnerabilities are often classified according to their severity and prevalence. The OWASP Top 10 is considered the most popular and objective vulnerability classification. This rating is compiled by OWASP Project specialists and updated every 3–4 years. The current release is from 2017, and the next one is expected in 2020–2021.

Popular vulnerabilities

First of all, let’s look at typical vulnerabilities that affect many web applications.

Injections

As expected, “Injection” attacks take the leading position in the OWASP Top 10, being found almost everywhere and being extremely diverse in implementation. Vulnerabilities of this class range from SQL injection, in its various modifications, to RCE (remote code execution). …



Securing web applications (websites, online stores, personal accounts) and APIs is not as easy as it might seem at first glance. There are several reasons for this:

  • web applications are available 24/7, and an attacker can launch an attack at any time;
  • web applications are a stack of different technologies whose interaction is sometimes difficult to implement correctly;
  • web applications are often written in-house and, unfortunately, this does not make them more secure;
  • web applications are initially developed to improve the company’s image and obtain economic benefits, and their security is not the first thing that is thought about;
  • through a web application an attacker can obtain a variety of valuable information, from user data to the business know-how of the owner company. …



In the previous article we talked about Nemesida WAF Free, a free web application firewall for protecting websites and APIs against hacker attacks. In this article we review the popular web application vulnerability scanner Wapiti.

Scanning a site for vulnerabilities is a necessary measure which, together with an analysis of the source code, allows you to assess how well it is protected against compromise. A web resource can be scanned using specialized tools.

Nikto, W3af (written in Python 2.7, whose support has ended) and Arachni (no longer maintained since Feb. 2020) are the most popular solutions in the free segment. …



The external network perimeter is attacked most often, so the task for technical specialists is to make it as secure and inaccessible as possible. To do this, penetration testing is required, one stage of which is scanning the perimeter for vulnerabilities. If you cannot engage professional pentesters, you can independently evaluate the security of your network resources at a basic level for free. As a distribution for security analysis, you can use Kali Linux with the necessary tools.

Information provided for informational purposes only. Do not break the law!

Network Scanning

First, scan the IP address using Nmap (we assume that we are scanning the…



The constant growth of hacker activity and the lack of control over the security of web applications is accompanied by the mass compromise of resources. In this article we will share how an attacker can attack a site, using an online store as an example, what consequences this leads to, and how to counter such attacks, especially during periods of increased load.

To maintain a high level of site security during a period when staff efforts are focused on the additional tasks of transitioning to remote work, it is necessary to think about automating information security tasks. …


WordPress website attack using JavaScript and XSS


Nemesida WAF recently blocked a rather entertaining attack attempt using XSS and JavaScript. Despite the fact that I am not a JS developer, I decided to understand the essence of the attack out of interest. The peculiarity of the vector lies in a specific feature of WordPress itself: the ability to edit theme files through the admin panel, which allows malicious code to be injected invisibly under the administrator’s account.

The payload, in the form of JS, is posted on the site through the XSS vulnerability and then waits to be executed. When run by the administrator of the web resource, the code modifies the contents of the WordPress theme file (header.php), …



In the previous review of free WAFs for Nginx we compared NAXSI and Nemesida WAF Free. Now it is time for another review, this time of the most popular technology in its segment: ModSecurity, or Modsec. The review takes into account ease of installation, the quality of the predefined signatures (false positives, false negatives), usability and other criteria.

Installation

ModSecurity

Initially ModSecurity was developed only for the Apache web server, but it is now a cross-platform technology and can be installed on Apache, Nginx and IIS. …

About

Pentestit

From Information Security With Love
