Pentesting gRPC-Web : Recon and reverse-engineering

gRPC-Web has reached General Availability! The official blog announcement can be found here: https://grpc.io/blog/grpc-web-ga gRPC makes leveraging Protocol Buffers extremely easy, and ProtoBufs in and off itself has some very good advantages over REST when it comes to performance and contract-based development. However so far ProtoBufs are used typically in the backend to facilitate inter-microservice … Continue reading Pentesting gRPC-Web : Recon and reverse-engineering

Advertisements

First steps in writing a custom OWASP ZAP extension

OWASP ZAP is a very popular attack proxy typically used in Web Application penetration tests. Think "Open Source BurpSuite", and that's ZAP in a nutshell. It has become my go-to tool for penetration tests, and it definitely is a fantastic piece of software that ticks all my boxes - except one. The problem : Note taking … Continue reading First steps in writing a custom OWASP ZAP extension

What do Smartphone Predictive Text and Cybersecurity have in common?

Maybe the link between your smartphone keyboard and current machine learning research in cybersecurity is not apparent at first glance, but the technology behind both is extremely similar: both leverage deep learning architectures called Recurrent Neural Networks [RNNs], specifically a type of RNN called Long Short Term Memory [LSTM]. One of the main advantages of … Continue reading What do Smartphone Predictive Text and Cybersecurity have in common?

Threat hunting using DNS indicators

DNS is a great source of information for security analysts… if you’re not already monitoring DNS activity in your network — you should start asap, for the reasons we’ll explore in this article DNS is one of the major workhorses that powers the Internet. Everything uses DNS — browsers, apps, updates… and malware. Almost every malware needs to “phone … Continue reading Threat hunting using DNS indicators

Using Twitter as a source of Indicators of Compromise

At CyberSift we strive to turn threat data into threat intelligence. These two are not one and the same, there is a subtle difference which we can summarize succinctly as follows: threat data + context = threat intelligence One of the best ways to add context to alerts that get sent to a security analyst … Continue reading Using Twitter as a source of Indicators of Compromise

The importance of data mining in the field of cybersecurity

In a very interesting article on TechCrunch, Michael Schiebel writes about the various ways in which security analysts can learn from data scientists. He makes a couple of points that are worth highlighting. Today, hacking is a much more complex art than it used to be: It no longer only involves just scanning and penetrating … Continue reading The importance of data mining in the field of cybersecurity

We are failing at the cyber security hierarchy of needs

Many of us are probably familiar with the concept of the “hierarchy of needs”. The concept is usually depicted as a pyramid with humans’ more essential needs — such as bodily function — at the bottom, with more non-essential but rewarding needs towards the top: Marlow’s Hierarchy of needs (https://en.wikipedia.org/wiki/Maslow's_hierarchy_of_needs)What if we extend this concept of a hierarchy of … Continue reading We are failing at the cyber security hierarchy of needs