Codegate 2013 YUT Challenge: Forensics 100 Solution
Thanks to David, Kai, and Kevin for help with various phases of this challenge.
HTTP Response Splitting
This blog post describes about the lesser known attack, targeted towards HTTP Headers due to improper input validation. It also describes on how other attacks can be mounted using this mechanism.
Android Security 101 -- IG Learner(Part-3)
Please check the first part of this series on Android 101, if you want to check the necessary tools and how to prepare for the app assessment.
Android Security 101 -- IG Learner(Part-2)
Please check the first part of this series on Android 101, if you want to check the necessary tools and how to prepare for the app assessment.
Android Security 101 -- IG Learner
This app was released in this year’s Shmoocon’13 by Intrepidus Group. You can get the app from the Google play store. This app as the name suggests is an android security learner app, there are deliberate vulnerabilities in this app from bad logging to intent manipulation. There will series of blog posts which gives a walk through of each lesson.
Escaping Python Sandboxes
Note: This is all written for Python 2.7.3. These details might be different in other versions of Python - especially 3+!