JSON Web Tokens (JWT) are widely used for authentication in modern applications. As their use increases, so does the importance of understanding common attacks against them, such as algorithm confusion attacks. For a long time, it was believed that exploiting this vulnerability required access to the public key. However, this…

In this blog post, we are going to cover a strategy to help you get a job as a pentester or application security professional. There is a lot of content on what you need to learn but not that much on what strategy you should follow. First, let’s say we…

Too often (me included), savvy code reviewers recommend to get started into code review by “Just reading code” and that is indeed the best way to get started. …

I recently found a small issue in some TLS clients. More precisely, it is more of a difference between what happens and what I expect to happen. Let’s dig in! When you use TLS, you can decide to use your own certificate authority (CA). Three main reasons: cheaper (arguable nowadays…

After reading this blog post on a bug in Github and Unicode, I started playing more and more with Unicode (even bought two domains). Recently, I had a Eureka moment while camping and started wondering: “what was the impact of those uppercase and lowercase transformations on regular expression?” And the…

Every week, our twitter account @PentesterLab publishes a list of articles worth-reading. This is the list of all the articles for 2019. Enjoy!! 30/12/2019 🗞️ https://medium.com/@terjanq/clobbering-the-clobbered-vol-2-fb199ad7ec41 🗞️ https://bertjwregeer.keybase.pub/2019-12-10%20-%20error_page%20request%20smuggling.pdf 23/12/2019 🗞️ https://unit42.paloaltonetworks.com/what-i-learned-from-reverse-engineering-windows-containers/

For a long time, I have been looking at solving a simple problem: be more efficient when scaling vulnerability research/bug hunting. The problem: I think it makes a lot of sense to decouple the browsing of a website from the actual fuzzing. Using a spider is not really viable in…

When building a Capture-The-Flag (for a conference), you need to have a good mix of very easy challenges and very hard challenges. …

One of the common advice when trying to improve security at scale is to invest in QA. In this article, we are going to cover some aspects of it. If you are looking for more application security-related content, make sure you check our previous article on Building Blocks. Add some negative test cases The simplest…