Pentesting gRPC-Web : Recon and reverse-engineering

gRPC-Web has reached General Availability! The official blog announcement can be found here: https://grpc.io/blog/grpc-web-ga gRPC makes leveraging Protocol Buffers extremely easy, and ProtoBufs in and off itself has some very good advantages over REST when it comes to performance and contract-based development. However so far ProtoBufs are used typically in the backend to facilitate inter-microservice … Continue reading Pentesting gRPC-Web : Recon and reverse-engineering

Advertisements

Pentesting gRPC / Protobuf : Decoding First steps

Protocol Buffers (a.k.a ProtoBuf) and other binary serialization representations are gaining popularity, especially in inter-microservice communication. Unlike JSON or HTTP, ProtoBufs are not human readable (hence the "binary" part of binary serialization) , but that translates into an advantage of  less overhead, leading to performance gains, and the ability to code against a fixed schema … Continue reading Pentesting gRPC / Protobuf : Decoding First steps

Android hacking tools update for Sept 2018

This article outlines a few "lessons learned" during an Android pen-test, specifically on which parts of my toolset I needed to update to accommodate newer android versions (Android v7+) MultiDex support One of the standard pen-test techniques is to decompile the App's source code. Typically this is done by converting the APK DEX code to … Continue reading Android hacking tools update for Sept 2018

First steps in writing a custom OWASP ZAP extension

OWASP ZAP is a very popular attack proxy typically used in Web Application penetration tests. Think "Open Source BurpSuite", and that's ZAP in a nutshell. It has become my go-to tool for penetration tests, and it definitely is a fantastic piece of software that ticks all my boxes - except one. The problem : Note taking … Continue reading First steps in writing a custom OWASP ZAP extension

Cyber Security: Sparse coding and anomaly detection

I've recently published the thesis I wrote in fulfillment of my Masters in Computer Security, entitled BioRFID: A Patient Identification System using Biometrics and RFID Anyone interested can download and read the whole thesis here: https://www.researchgate.net/publication/317646400_BioRFID_A_Patient_Identification_System_using_Biometrics_and_RFID In this article I'll give an extremely compressed version of the thesis and how the work therein can be … Continue reading Cyber Security: Sparse coding and anomaly detection

PaloAlto Captive Portal XSS Attack

PaloAlto has issued a patch for a XSS attack on the captive portal that I disclosed a few months back. The official advisory can be found here: https://securityadvisories.paloaltonetworks.com/Home/Detail/66 (Detail taken from https://securityadvisories.paloaltonetworks.com/) The attack has been given a CVSS score of 6.1: (Screenshot taken from IBM X-Force: https://exchange.xforce.ibmcloud.com/vulnerabilities/118524) Below follows the original report submitted to PaloAlto … Continue reading PaloAlto Captive Portal XSS Attack

Signing GMail Messages with the Estonian eID PKI Card (Part 2)

In a previous blog post we explored how to sign messages using the Estonian eID card. In this video, we demonstrate how a receiver who got a signed email message would be able to verify that the email really did come from the advertised sender. https://youtu.be/Nx-jRPIAyEM I have uploaded the revised code to github, please … Continue reading Signing GMail Messages with the Estonian eID PKI Card (Part 2)