Welcome to SecurityDocs

A collection of 8,047 IT security white papers, carefully curated by professionals like yourself

Leading the Blind to Light! - A Chain to RCE

by Andy Gill

The chain of issues started with an outdated instance of Oracle E-Business Suite, which has many publicly disclosed issues, two of which were an authentication bypass & a blind XXE vulnerability. For anyone who's ever come across Oracle EBS, you'll know that if it's outdated it'll often be riddled with holes, which is great from a bug bounty & pentesting perspective but not so great for companies who are using it.

Nov. 24, 2017 0 comments blog.zsec.uk Pen Testing & Audits

Metasploitable Walkthrough: An Exploitation Guide

Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image with a number of vulnerable packages included, which can be run on most virtualization software. You can grab your copy at Vulnhub – Metasploitable. I used Kali Linux for attacking and VirtualBox for virtualization.

Nov. 24, 2017 0 comments tehaurum.wordpress.com Pen Testing & Audits

Burp Suite Tutorial Web Penetration Tool Kit

Burp Suite is a web application penetration tester's dream tool and the most powerful tool out there on the internet, as it can be used to cover, in full depth, everything that you ever wanted. So I will do my best to thoroughly explain all the details, as there are a lot of things to cover. Here is a quick list of Burp Suite components:

Nov. 24, 2017 0 comments securitytraning.com Pen Testing & Audits

Burp Suite Tutorial – Web Application Penetration Testing

by Royce Davis

Burp Suite from Portswigger is one of my favorite tools to use when performing a Web Penetration Test. The following is a step-by-step Burp Suite Tutorial. I will demonstrate how to properly configure and utilize many of Burp Suite’s features. After reading this, you should be able to perform a thorough web penetration test. This will be the first in a two-part article series.

Nov. 24, 2017 0 comments www.pentestgeek.com Pen Testing & Audits

Spoofing Attacks DHCP Server Spoofing

by Alok

One of the Layer 2 attacks inside a LAN network that is very dangerous for information privacy and LAN integrity is the spoofing attack. This is a special kind of attack where an attacker can gain access to network traffic by spoofing responses that would be sent by a valid DHCP server. This attack uses a technique called ARP spoofing, also called ARP cache poisoning or ARP poison routing (APR), which is a simple LAN attack technique. ARP spoofing will allow an attacker to intercept frames on a LAN, modif...

Nov. 24, 2017 0 comments learningnetwork.cisco.com Pen Testing & Audits

Scanning Ethereum smart contracts for vulnerabilities

by Bernhard Mueller

In this article, I’ll show how to run different types of security scans with Mythril using smart contracts from the Ethernaut wargame as examples (thanks to the guys from Zeppelin solutions for giving me permission). If you haven’t tried the wargame yourself, be aware that there are spoilers ahead! I recommend giving it a shot yourself first if you haven’t already.

Nov. 24, 2017 0 comments hackernoon.com Apps & Hardening

How I Hacked 40 Websites in 7 minutes

by Georgios Konstantopoulos

Last summer I started learning about information security and hacking. Over the last year I’ve played in various wargames, capture the flag and penetration testing simulations, continuously improving my hacking skills and learning new things about ‘how to make computers deviate from their expected behavior’. Long story short, my experience was always limited to simulated environments, and since I consider myself a white-hat hacker (aka one of the good guys) I never stuck my nose into other p...

Nov. 24, 2017 0 comments hackernoon.com Pen Testing & Audits

3 Security Features to Consider When Choosing a Linux Workstation


In this new blog series, we’ll lay out a set of baseline recommendations for Linux workstation security to help systems administrators avoid the most glaring security errors without introducing too much inconvenience. These are the same guidelines our own 100 percent remote team uses every day to access and manage the IT infrastructure for dozens of The Linux Foundation projects including Linux, Hyperledger, Kubernetes, and others. Even if your systems administrators are not remote workers...

Nov. 24, 2017 0 comments www.linux.com Apps & Hardening

Web Security: Best Practices in 2017

I recently found out about Mozilla Observatory and ran my website through the tool. The results were depressing…a big, fat, ugly F. For those of you not familiar with grading in the US, an F is the lowest grade possible. It’s like a punch in the face to my pride.

Nov. 24, 2017 0 comments hackernoon.com Apps & Hardening

PandaLabs Annual Security Report 2017

by Luis Corrons

Cybercrime is an attractive and profitable business. Attackers are making use of more, and better, digital and economic resources than ever before, allowing them to develop attacks that are increasingly sophisticated. Almost anyone can launch an advanced attack thanks to the democratization of technology, the black market, and open source tools. As a consequence, it must be assumed that all companies could become the target of an advanced attack to start working on effective securi...

Nov. 24, 2017 0 comments www.pandasecurity.com Detection & Response

Cryptographically Secure Information Flow Control on Key-Value Stores

by Lucas Waye, Pablo Buiras, Owen Arden, Alejandro Russo, Stephen Chong

We present Clio, an information flow control (IFC) system that transparently incorporates cryptography to enforce confidentiality and integrity policies on untrusted storage. Clio insulates developers from explicitly manipulating keys and cryptographic primitives by leveraging the policy language of the IFC system to automatically use the appropriate keys and correct cryptographic operations. We prove that Clio is secure with a novel proof technique that is based on a proof style from ...

Nov. 23, 2017 0 comments acmccs.github.io

Composing Differential Privacy and Secure Computation: A case study on scaling private record linkage

by Xi He, Ashwin Machanavajjhala, Cheryl Flynn, Divesh Srivastava

Private record linkage (PRL) is the problem of identifying pairs of records that are similar as per an input matching rule from databases held by two parties that do not trust one another. We identify three key desiderata that a PRL solution must ensure: (1) perfect precision and high recall of matching pairs, (2) a proof of end-to-end privacy, and (3) communication and computational costs that scale subquadratically in the number of input records. We show that all of the existing solu...

Nov. 23, 2017 0 comments acmccs.github.io

Fast Private Set Intersection from Homomorphic Encryption

by Hao Chen, Kim Laine, Peter Rindal

Private Set Intersection (PSI) is a cryptographic technique that allows two parties to compute the intersection of their sets without revealing anything except the intersection. We use fully homomorphic encryption to construct a fast PSI protocol with a small communication overhead that works particularly well when one of the two sets is much smaller than the other, and is secure against semi-honest adversaries. The most computationally efficient PSI protocols have been constructed us...

Nov. 23, 2017 0 comments acmccs.github.io

Practical Multi-party Private Set Intersection from Symmetric-Key Techniques

by Vladimir Kolesnikov, Naor Matania, Benny Pinkas, Mike Rosulek, Ni Trieu

We present a new paradigm for multi-party private set intersection (PSI) that allows n parties to compute the intersection of their datasets without revealing any additional information. We explore a variety of instantiations of this paradigm. Our protocols avoid computationally expensive public-key operations and are secure in the presence of any number of semi-honest participants (i.e., without an honest majority). We demonstrate the practicality of our protocols with an implementati...

Nov. 23, 2017 0 comments acmccs.github.io

T/Key: Second-Factor Authentication From Secure Hash Chains

by Dmitry Kogan, Nathan Manohar, Dan Boneh

Time-based one-time password (TOTP) systems in use today require storing secrets on both the client and the server. As a result, an attack on the server can expose all second factors for all users in the system. We present T/Key, a time-based one-time password system that requires no secrets on the server. Our work modernizes the classic S/Key system and addresses the challenges in making such a system secure and practical. At the heart of our construction is a new lower bound analyzin...

Nov. 23, 2017 0 comments acmccs.github.io

Faulds: A Non-Parametric Iterative Classifier for Internet-Wide OS Fingerprinting

by Zain Shamsi, Daren B.H. Cline, Dmitri Loguinov

Recent work in OS fingerprinting [41], [42] has focused on overcoming random distortion in network and user features during Internet-scale SYN scans. These classification techniques work under an assumption that all parameters of the profiled network are known a-priori – the likelihood of packet loss, the popularity of each OS, the distribution of network delay, and the probability of user modification to each default TCP/IP header value. However, it is currently unclear how to obtain ...

Nov. 23, 2017 0 comments acmccs.github.io

The Wolf of Name Street: Hijacking Domains Through Their Nameservers

by Thomas Vissers, Timothy Barron, Tom Van Goethem, Wouter Joosen, Nick Nikiforakis

The functionality and security of all domain names are contingent upon their nameservers. When these nameservers, or requests to them, are compromised, all domains that rely on them are affected. In this paper, we study the exploitation of configuration issues (typosquatting and outdated WHOIS records) and hardware errors (bitsquatting) to seize control over nameservers’ requests to hijack domains. We perform a large-scale analysis of 10,000 popular nameserver domains, in which we map ou...

Nov. 23, 2017 0 comments acmccs.github.io

The TypTop System: Personalized Typo-Tolerant Password Checking

by Rahul Chatterjee, Joanne Woodage, Yuval Pnueli, Anusha Chowdhury, Thomas Ristenpart

Password checking systems traditionally allow login only if the correct password is submitted. Recent work on typo-tolerant password checking suggests that usability can be improved, with negligible security loss, by allowing a small number of typographical errors. Existing systems, however, can only correct a handful of errors, such as accidentally leaving caps lock on or incorrect capitalization of the first letter in a password. This leaves out numerous kinds of typos made by users,...

Nov. 23, 2017 0 comments acmccs.github.io

Pool: Scalable On-Demand Secure Computation Service Against Malicious Adversaries

by Ruiyu Zhu, Yan Huang, Darion Cassel

This paper considers the problem of running a long-term on-demand service for executing actively-secure computations. We examined state-of-the-art tools and implementations for actively-secure computation and identified a set of key features indispensable to offer meaningful service like this. Since no satisfactory tools exist for the purpose, we developed Pool, a new tool for building and executing actively-secure computation protocols at extreme scales with nearly zero offline delay....

Nov. 23, 2017 0 comments acmccs.github.io

A Formal Foundation for Secure Remote Execution of Enclaves

by Pramod Subramanyan, Rohit Sinha, Ilia Lebedev, Srinivas Devadas, Sanjit A. Seshia

Recent proposals for trusted hardware platforms, such as Intel SGX and the MIT Sanctum processor, offer compelling security features but lack formal guarantees. We introduce a verification methodology based on a trusted abstract platform (TAP), a formalization of idealized enclave platforms along with a parameterized adversary. We also formalize the notion of secure remote execution and present machine-checked proofs showing that the TAP satisfies the three key security properties that...

Nov. 23, 2017 0 comments acmccs.github.io