• Gaining Domain Admin from Outside Active Directory

    …or why you should ensure all Windows machines are domain joined.

  • How to Use X-XSS-Protection for Evil

    Two important headers that can mitigate XSS are:

  • Hidden XSS

    On a recent web test I was having trouble finding any instances of cross-site scripting, which is very unusual.

  • ASP.NET Request Validation Bypass

    …and why you should report it (maybe).

  • XSS Without Dots

    A recent site that I pentested was echoing everything on the query string and POST data into a <div> tag.

  • CSRF Mitigation for AJAX Requests

    To start with, a quick recap on what Cross-Site Request Forgery is:

  • To Be (Enumerated) Or Not To Be

    Are user enumeration vulnerabilities a real security concern? User enumeration is when an application reveals whether a user exists to other users.

  • Unterminated XSS

    I recently came up against the following injection on a pen test (simplified for the purposes of this post):

  • Umbraco LFI Exploitation

    I mentioned a Local File Inclusion vulnerability (LFI) that I discovered in Umbraco without realising it wasn't patched by the update at the time. Well, as promised, here are the details on how to exploit it.

  • Security Flaw or Functional Flaw?

    Having worked as a developer for over ten years before branching into pentesting, I always aimed to bake security into my work, even if I didn’t have the wealth of knowledge that I now have in order to do my day job.

  • Umbraco 0-day

    During a pentesting engagement a couple of years ago I came across an undocumented security vulnerability in Umbraco, more specifically with the ClientDependency library.

