Remove Insecure HTTP Headers New technologies: HAProxy! This page is a collection of instructions to remove unnecessary server headers which may be reported as part of a Penetration Test performed by a security engineer or reported via automated tools. I have catalogued these remediation instructions for many technologies in this single site to save the vast amounts of searching… Read More
Time to Euthanize “Pragma: no-cache” Modern Cache Directives As part of each website security vulnerability assessment performed, the security researcher will check that proper caching directives are implemented. In situations where the most extreme “never cache this data” is required, the gold standard HTTP headers recommended by infosec professionals everywhere is: Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT 123 Cache-Control: no-cache, no-store, max-age=0, must-revalidatePragma: no-cacheExpires: Thu, 01 Jan 1970 00:00:00 GMT This advice is problematic and here in this… Read More
Insecure HTTP Header Removal (old version) A massively updated version of this post is over at https://veggiespam.com/headers/. This page is a collection of instructions to remove unnecessary server headers which may be reported as part of a Penetration Test performed by a security engineer or reported via automated tools. I have catalogued these remediation instructions for many technologies in one place… Read More
Accidental Offensive Security: Analysis of Buffer Overrun in a Security Tool During a project working with Hydra, a Network Login Auditor, we discovered and corrected a buffer overrun issue with possible security implications that might include the auditor being attacked by the auditee. TL;DR Attacker using Hydra or Medusa can get pwn’d by the victim website responding with remote code execution via buffer overrun exploit.… Read More
Image Location & Privacy Scanner v0.3 Announcement: Image Location & Privacy Scanner v0.3 I have completed a large update of the Image Location Scanner software; so many new features in fact, it gets a new name: “Image Location & Privacy Scanner”. It now detect serial number from the cameras in scanned images and even the camera owner’s name from some Canon… Read More
How to track down your Ex(if) – talk given 26 feb 2015 How To Track Down Your Ex(if) Adding Jpeg Exif detection to your penetration regiment and learning how to practice Safe (s)Exif Abstract: We unintentionally distribute GPS data with every photograph, including indoor pictures. This talk will describe a real-world scenario involving remote education site where teachers & students exposed their confidential home address via profile… Read More