"Ajax allows the development of more feature rich, asynchronous applications, but in doing so opens up new possibilities for attackers. We look at the relevant security issues and their possible solutions. Ajax (Asynchronous JavaScript and XML) lurched into being in 2005 [1]. As a web services model, Ajax is touted as the...
Microsoft Anti-Cross Site Scripting Library V1.5 is Released
"For defence in depth, developers may wish to use the Microsoft Anti-Cross Site Scripting Library to encode output. This library differs from most encoding libraries in that it uses the "principle of inclusions" technique to provide protection against XSS attacks. This approach works by first defining a valid or allowable set of...
Browser Port Scanning without JavaScript
Jeremiah 'Lord Nikon' Grossman Writes "Since my Intranet Hacking Black Hat (Vegas 2006) presentation, I've spent a lot of time researching HTML-only browser malware since many experts now disable JavaScript. Imagine that! Using some timing tricks, I've discovered a way to perform Intranet Port Scanning with a web browser using only HTML....
Vulnerability Scanning Web 2.0 Client-Side Components
Shreeraj Shah has written an article outlining some of the 'Web 2.0' risks. He covers RSS Security, JSON, Ajax Security, Cross Site Request Forgery and other related issues. Article Link: http://www.securityfocus.com/infocus/1881
Finally someone speaking about RIA (Rich Internet Applications)
I was happy to see a post at GNUCITIZEN chatting about RIA and how we should start reading up on this new exciting technology. This is something I'm planning on sticking in my 2007 risk predictions. XUL and WPF/XAML are some exciting new web technologies I strongly advise you start reading...
Attacking Permalinks
Everyone has seen URLs such as http://site/2006/02/02 and you know that there's an application in the backend somewhere, but figuring out how to attack those URLs can be tricky. A few of you have probably tried attacking them by sending requests such as http://site/2006'>/02/02 and received a 404 page. I started thinking...
Web Application Security Professionals Survey Results
Jeremiah Grossman sent out a survey a few weeks ago to the application security industry and he has posted the results on his site. "73% of those performing web application vulnerability assessments are not using or rarely using commercial scanner products. It's hard to say if this is good/bad/increasing/decreasing or otherwise. Certainly...
Top 10 Ajax Security Holes Post
RSnake provides some much needed insight into the AJAX craze. "However, I'd like to point out, as I have before that really users should not consider AJAX to be another security risk. It is the same old risk that we have always faced, except there is more client side code that can...
Article: Challenges faced by automated web application security assessment tools
If you're in the position of evaluating a web application security scanner, or use one to fulfil a compliance scanning requirement, then you may want to check out an article I wrote describing some of the challenges these products face. Article Link: http://www.cgisecurity.com/articles/scannerchallenges.shtml
Mod Security as an IPS
One of our readers 'J. Oquendo' "got bored" and wrote an article titled 'Securing LAMP and using ModSecurity as an IPS'. "Many times administrators often forget to do security checks from the ground up. They often will rely on simple methods of testing a machine. An NMAP scan here, a Metasploit scan...
Detecting Web Application Security Vulnerabilities
An anonymous poster contributes "Web application source code, independent of languages and platforms, is a major source for vulnerabilities. One of the CSI surveys on vulnerability distribution suggests that 64% of the time, a vulnerability crops up due to programming errors and 36% of the time, due to configuration issues. According to...
Security Fix Released for PHP
"The PHP development team is proud to announce the immediate release of PHP 5.2.0. This release is a major improvement in the 5.X series, which includes a large number of new features, bug fixes and security enhancements. Further details about this release can be found in the release announcement 5.2.0, the full...
Happy Birthday Internet Worms
"The Morris worm or Internet worm was one of the first computer worms distributed via the Internet; it is considered the first worm and was certainly the first to gain significant mainstream media attention. It was written by a student at Cornell University, Robert Tappan Morris, and launched on November 2, 1988...