INTRODUCTION Some months ago, I reported to the Fortinet PSIRT team two vulnerabilities which affect different Fortigate firmware versions. You probably know that "Fortinet is a leading ...
http://www.behindthefirewalls.com/2016/05/CVE-2016-3978-open-redirect-and-xss-in-fortinet.html
Network forensics is something we should practice as much as possible to become faster at detecting suspicious activities in our networks. This website http://malware-traffic-analysis.net/ shares ...
http://www.behindthefirewalls.com/2015/12/a-network-traffic-analysis-exercise.html
Assuming that enough time has passed since the security update was released by phpMyAdmin, we want to share our research. As you already know, we believe in Responsible Disclosure and that i...
http://www.behindthefirewalls.com/2014/12/cve-2014-9218-phpmyadmin-dos-proof-of.html
INTRODUCTION "phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the Web. phpMyAdmin supports a wide range of operations on MySQL, MariaDB...
http://www.behindthefirewalls.com/2014/12/when-cookies-lead-to-dos-in-phpmyadmin.html
Assuming that enough time has passed since the security update was released by WordPress and Drupal, we want to share our research. As you already know, we believe in Responsible Disclosure ...
http://www.behindthefirewalls.com/2014/12/cve-2014-9016-and-cve-2014-9034-PoC.html
INTRODUCTION WordPress is the most used CMS worldwide. According to w3techs.com, WordPress is used by 61.1% of all the websites whose content management system they know. This is 23.2% of all...
http://www.behindthefirewalls.com/2014/11/wordpress-denial-of-service-responsible-disclosure.html
INTRODUCTION First of all, let me introduce you to my partner @cor3dump3d from www.devconsole.info. We have written this post together and we hope you enjoy it. More technical information ab...
http://www.behindthefirewalls.com/2014/11/drupal-denial-of-service-responsible-disclosure.html
Some days ago a friend told me, "Ey! Why didn't you write a post talking about how Parsero has been included in the Kali Linux repository?" "Seriously? I forgot it..." So here it is... As you ...
http://www.behindthefirewalls.com/2014/09/parsero-v075-has-been-included-in-kali.html
When I was reading one of FireEye's latest posts, I was struck by the binary they said came in the form of a phished email (MD5:7c00ba0fcbfee6186994a8988a864385) purportedly from Armani regar...
http://www.behindthefirewalls.com/2014/08/have-i-bought-these-clothes-another.html
You already know what the most common way of getting a job is. You usually look for vacancies in a job web portal and when you think you could be selected, you apply for it... Then, most of the ...
http://www.behindthefirewalls.com/2014/07/looking-for-job-in-security-field-in.html
INTRODUCTION In this post I'd like to introduce you to an awesome tool focused on taking advantage of an OpenSSH vulnerability. I'd like to thank @cor3dump3d for letting me participate in hi...
http://www.behindthefirewalls.com/2014/07/openssh-user-enumeration-time-based.html
In the previous post we talked about how to solve exercises 1, 2 and 3 of the XSS-game proposed by Google. Now, we are going to solve the last ones. EXERCISE 4 This exercise is ...
http://www.behindthefirewalls.com/2014/06/xss-game-by-google-exercises-4-5-and-6.html
As Google says, "Cross-site scripting (XSS) bugs are one of the most common and dangerous types of vulnerabilities in Web applications. These nasty buggers can allow your enemies to steal or modi...
http://www.behindthefirewalls.com/2014/06/xss-game-by-google-exercises-1-2-and-3.html
At the beginning of this month, Parsero v0.71 was presented by ToolsWatch Hacker Arsenal in their blog. That is something that I really appreciate... Today, I would like to introduce Parsero...
http://www.behindthefirewalls.com/2014/05/parsero-075-is-out.html
Just one day before the Windows XP end of life, the vulnerability CVE-2014-0160 was published. A lot of blogs have talked about the OpenSSL vulnerability called "Heartbleed Bug". A lot of ...
http://www.behindthefirewalls.com/2014/04/openssl-heartbleed-what-hell-has-happened-here.html
A few days ago I read this post: WinRar File extension spoofing (0DAY). Here, the author describes, for example, how to create a ZIP file with a file inside it which has a JPG extension but wh...
http://www.behindthefirewalls.com/2014/04/why-you-shouldnt-open-files-directly-from-winrar.html
INTRODUCTION After 12 years, support for Windows XP ends today, April 8, 2014. That means there will be no more security updates or technical support for Windows XP. So XP has officially died...
http://www.behindthefirewalls.com/2014/04/microsoft-xp-has-died-but-millions-of.html
INTRODUCTION A few weeks ago Trend Micro published in their blog the post below: The Siesta Campaign: A New Targeted Attack Awakens. Here they share their research about a targeted attack ...
http://www.behindthefirewalls.com/2014/03/siesta-campaign-nothing-is-what-it-seems.html
Cuckoo v1.0 was published some months ago but some time has passed since I've had time to install it with my friend cor3dump3d, who has saved me a lot of time... I have seen some new valuabl...
http://www.behindthefirewalls.com/2014/02/hiding-your-cuckoo-sandbox-v10-from-malware.html
As you already know, Parsero is a free script written in Python which helps you to automatically audit the Robots.txt file of a web server. In just a few seconds, you are able to get a lot of va...
http://www.behindthefirewalls.com/2014/02/parsero-v06-is-out.html
KIPPO FEATURES A few months ago I got access to an SSH honeypot called Kippo. Kippo is designed to log SSH brute force attacks and the entire shell interaction performed by an attacker w...
http://www.behindthefirewalls.com/2014/02/ssh-honeynet-kippo-kali-and-raspberry-pi.html
When we are involved in incident handling and we are in charge of analyzing a traffic capture in pcap format related to an attack, one of the things we usually need to do is get the files w...
http://www.behindthefirewalls.com/2014/01/extracting-files-from-network-traffic-pcap.html
You can read the first part of this post here: http://www.behindthefirewalls.com/2013/12/stuxnet-trojan-memory-forensics-with_16.html DETECTING API CALLS If we use the command below, we can...
http://www.behindthefirewalls.com/2014/01/stuxnet-memory-forensics-volatility-II.html
Stuxnet could be the first advanced malware. It is thought that it was developed by the United States and Israel to attack Iran's nuclear facilities. It attacked Windows systems using a zero-day...
http://www.behindthefirewalls.com/2013/12/stuxnet-trojan-memory-forensics-with_16.html
When I was writing Using robots.txt to locate your targets, I felt the need to develop a tool to automate the task of auditing the Robots.txt file of web servers. Now, I am ...
http://www.behindthefirewalls.com/2013/12/parsero-tool-to-audit-robotstxt.html