Compass Security Blog

Offensive Defense

Page 2 of 4

Wrap-up: Hack-Lab 2017 #4

What is a Hack-Lab? Compass Security provides a monthly playful occasion for the security analysts to get-together and try to hack new devices, dive into current technologies and share their skills with their fellows. Topics The following topics, tools and technology has been discussed during this Hack-Lab: ESPloitation, Kubernetes, BACnet analysis, DNS Attacks and Hardening, Multi-SDR […]

Continue reading

JWT Burp Extension

JSON Web Token, or more commonly known as JWT,  is an open standard [1] that defines a compact and self-contained structure for securely transmitting information between multiple parties. The contained information can be verified and trusted through digital signatures. JWTs can be integrity protected using a secret using the HMAC algorithm or a public / private […]

Continue reading

Wrap-up: Hack-Lab 2017 #3

What is a Hack-Lab? Compass Security provides a monthly playful occasion for the security analysts to get-together and try to hack new devices, dive into current technologies and share their skills with their fellows. Topics The following topics, tools and technology has been discussed during this Hack-Lab: Nessus Automation Tools, Automate Everything, Frida on an […]

Continue reading

IoT WiFi Module – Dump the Data

The ESP8266 WiFi module from ESPRESSIF is a commonly used, low cost (less than 2 US$) WiFi module that exists in different PCB layouts. Often used for IoT projects and easily programmable using the Arduino IDE or with Mongoose OS and its web based IDE.  The ESP8266 modules are covered with a metal shield. Under the shield is a WiFi/CPU chip, […]

Continue reading

SharePoint: Collaboration vs. XSS

SharePoint is a very popular browser-based collaboration and content management platform. Due to its high complexity, proprietary technology and confusing terminology it is often perceived as a black-box that IT and security professionals do not feel very comfortable with. These days, web security topics are well understood by many security professionals, penetration testers and vendors. But what […]

Continue reading

SharePoint: How to collaborate with external parties?

Opening up an internal SharePoint farm to the Internet in order to share resources with external parties might seem a good idea, because it helps avoiding expensive infrastructure changes. However, in terms of security, this is not recommended because it does not sufficiently protect internal resources from external threats. The protection of internal resources hinges […]

Continue reading

Wrap-up: Hack-Lab 2017#2

What is a Hack-Lab? Compass Security provides a monthly playful occasion for the security analysts to get-together and try to hack new devices, dive into current technologies and share their skills with their fellows. This also includes the improvement of internal tools, the research of newly identified publicly known attacks, and security analysis of hardware […]

Continue reading

Wrap-up: Hack-Lab 2017#1

What is a Hack-Lab? Compass Security provides a monthly playful occasion for the security analysts to get-together and try to hack new devices, dive into current technologies and share their skills with their fellows. This also includes the improvement of internal tools, the research of newly identified publicly known attacks, and security analysis of hardware […]

Continue reading

SAMLRequest Support for SAML Raider

About a year ago, the Burp extension SAML Raider [0] was released as a result of a bachelor thesis [1] in collaboration with Compass Security. This Burp extension automates most of the steps, which are necessary to test a SAML single sign-on process and perform according attacks. With SAML Raider, an authentication bypass vulnerability in a Service […]

Continue reading

Android 7.0 Security Features: Direct Boot

Android 7.0 (Nougat) brings a lot of new interesting security features such as: Direct Boot Key Attestation Network Security Configuration Scoped Directory Access Media Server Hardening All of these topics are very interesting from a security perspective. However, in this blog post we will solely focus on Direct Boot. Motivation There are apps, which should […]

Continue reading

« Older posts Newer posts »