WebSockets and Meteor: Introduction to WebSockets for Penetration Testers
Most penetration testers know that common web security tools have limited support for WebSocket, but the differences between HTTP and WebSocket run much deeper than that. A successful penetration test on a WebSocket app requires a conceptual understanding of the protocol’s design.
Attacking Go's Lagged Fibonacci Generator
Client-Side Authorization
“Don’t use client-side authorization” is a well-known security rule. Or at least it should be. I went looking for a canonical reference for it, and could not find one, so I wrote one. Please comment if you know a better reference for this!
ASLR Protection for Statically Linked Executables
We present new research that details crucial security weaknesses in Linux software that has been statically linked. We also provide a solution to temporarily resolve these security issues. Finally, we conclude by demonstrating how to have both RELRO [1] and ASLR [2] security mitigations working with static linked executables in the ELF format.
The Calculus of Threat Modeling
I have been designing secure and security products for 20 years. I always thought of this as “architecture” and it took me a long time to realize that a major part of what I was doing was threat modeling. There are many established approaches to threat modeling, but because I backed into the field, I had rolled my own. This post is to explicitly describe what I have been doing.