Compass Security Blog

Offensive Defense

SAML Raider Release 1.4.0

SAML Raider 1.4.0 is out which contains several new features like UI changes, new text editor, raw mode, XSW match/replace, parameter name definition and attack templates for XXE and XSLT attacks.

Continue reading

The Good Old DNS Rebinding

A post on how to trick browsers to work as a gateway to internal web servers and IoT devices, the concepts behind and how to easily exploit DNS rebinding using the Singularity of Origin framework.

Continue reading

.CH Zone Lookup Tool

Fighting cybercrime is one of the reason Switch announced to publish the .ch zone. Switzerland has a law on Open-Government-Data-Strategy that follows the open-by-default strategy The .ch zone file contains all registered .ch domain names that have a NS record that points to the nameserver that gives authoritative answers for that domain name. Compass Security is offering […]

Continue reading