SlideShare a Scribd company logo

Augmented reality in your web proxy

Roberto Suggi Liverani
Roberto Suggi LiveraniPentester/Reseacher
Roberto Suggi Liverani - @malerisch Hamburg AppSec Research 2013 OWASP HackPra AllStars
Who am I?  A guy who likes to find bugs   Speaker at various cons/events:  Hack in the Box, DefCON, EUSecWest, OWASP, HackPra  OWASP New Zealand Chapter Founder  Twitter: @malerisch  Research blog: blog.malerisch.net 2
Outline  Challenges / Solutions  Introducing Burp CSJ / DEMOs  Stories from the automation world  Conclusions / Future plans 3
Traditional testing approach 4 Web Proxy Web AppBrowser
The concept of proxy suite 5 Web Proxy Suite Web App Intruder Spider Scanner Repeater
The problem is… 6 Web App Web Proxy Web App Browser Web proxy originally design to focus on server-side technology Client-side technology shift A web app is designed to be used by a browser
Combining technologies  How can we get a browser close to a web proxy or vice versa? 7 Browser Automation Framework Web Proxy API
So what do we achieve? 8 Web Proxy Web AppBrowser Web Proxy Web AppBrowser 1 2 3
Browser automation options…  Selenium  Browser automation framework  Crawljax  Crawler for Ajax apps based on Selenium  JUnit  Testing framework 9
Selenium Server  Integrates Selenium RC  Launches and kills browsers  Interprets and runs Selenese commands  Supports Grid and nodes  Known as:  selenium-server-standalone  selenium-server 10
Selenium Client & WebDriver  Based on WebDriver wire protocol – RESTful + JSON  Direct calls to browser  Multiple drivers available: Chrome, IE, Opera, Android, iPhone  Known as selenium-java 11
Selenium IDE & JUnit  Create/Repeat/ Execute Test case  Firefox addon  Export to JUnit WebDriver 12
Crawljax  Based on Selenium WebDriver APIs  State-flow interpretation of DOM states 13
Crawljax 14 Paper: Crawling AJAX-Based Web Applications through Dynamic Analysis of User Interface State Changes
Web proxy options…  Burp Extender API  Java/Python/Ruby  Scanner, Proxy, Repeater, Cookie, Target Session handling, HTTP requests/responses  ZAP API  RESTful interface  Spider, core, params, ascan, context auth, acsrf, autoupdate, pscan 15
Crawljax - Pros  Why integrate Crawljax?  Augmented reality in your proxy  Increased coverage for complex web apps  Scalability with big/dynamic apps  Integrated in ZAP - Ajax Spider @GuifreRuiz - very cool work!  16
JUnit - Pros 17  Why use JUnit?  Increase chances to discover hard-to-find bugs  Easily create repeatable sequence of steps  Reuse existing JUnit test-case  Leverage Burp session handling/macro
So how to combine all this?  Created a burp extension (Burp CSJ)  Integrates Crawljax  Integrates JUnit test-case created via Selenium IDE 18 Source: https://github.com/malerisch/burp-csj Coded in Java using google, stackoverflow, a mix of guessing , luck and a lot of swearing…
How it works… 19 Burp CSJ Web AppBrowser Crawljax Selenium IDE Selenium WebDriver Junit JDK
Crawljax integration  Key Features  Support for Burp cookie jar  Support for multiple browsers, including remote webdriver  Support for multiple HTML elements  Exclusion list for crawling  Support for CrawlOverview plugin 20
Crawljax Tab (1/3) 21
Crawljax Tab (2/3) 22
Crawljax Tab (3/3) 23
DEMO  Crawling a site with auth  Crawling a site with auth + remote web driver  DEMO 24
JUnit Integration  Key Features  Import compiled Selenium IDE JUnit Test cases  Register test-case into Burp session handling  Test case can be invoked in the Macro editor  Interface to execute Junit test case 25
JUnit Tab 26
DEMO  Launching JUnit test-case via Burp Proxy  Registering Junit Test-case via Burp and setting a macro  DEMO 27
Burp CSJ Tips  Use Burp Spider + Crawljax for crawling and after scanning/attacking application  Create JUnit test cases for sequence which takes long time to repeat  Set Burp macro to use JUnit test case  When using JUnit with Burp CSJ, set the Cookie: header with Burp 28
Stories from the automation world… 29
base64 and command injection  Crawljax clicked on some pages with base64 encoded data  A scan was run before  Some of those pages content was decoded  Trace of ping command output were found  An indirect OS command injection was found! 30
jQuery, toggle() and XSS  Complex app – use of jQuery  Lot of clickable elements which would invoke toggle()  Crawljax clicked element  New page added to Burp Target  Page vulnerable to XSS 31
A nice deal…  Internet banking web app  Create a new payee (8 steps)  Perform money transfer (3 steps)  E.g. transfer 10000 JPY (=~ 76 EUR)  Attack: change currency but keep same amount  10k JPY deducted -> 10k EUR sent to other side! 32
A nice shopping cart!  Vulnerable shopping cart  Special product item would decrease amount  Sequence of steps had to be performed before  JUnit test-cases made the difference 33
Burp CSJ future  Expand Crawljax integration  Support plugin import feature  Expand JUnit Integration  Compile from Java Source directly…  Also change browser set in Junit test case…  Support for Burp cookie jar 34
Conclusions  Combining automation is a different type of testing  Time for preparation needed  Not ideal for testers looking for quick wins  ROI is always in bugs discovery  … especially bugs with critical severity 35
Questions? Roberto Suggi Liverani - @malerisch blog.malerisch.net  Source Code: https://github.com/malerisch/burp-csj  Tutorial: soon on blog.malerisch.net 36
References  Blog – Roberto Suggi Liverani  http://blog.malerisch.net/  Twitter account - @malerisch  https://twitter.com/malerisch  Crawling AJAX-Based Web Applications through Dynamic Analysis of User Interface State Changes  http://www.ece.ubc.ca/~amesbah/docs/t web-final.pdf 37
References  Crawljax  http://crawljax.com/  Selenium  http://docs.seleniumhq.org/  JUnit  http://junit.org/ 38
References  Burp Extender API  http://portswigger.net/burp/extender/api/inde x.html  ZAP API  https://code.google.com/p/zaproxy/wiki/ApiD etails  Ajax spider in ZAP  https://code.google.com/p/zaproxy/wiki/GSo C2012_PluginACT 39
1 of 39

Augmented reality in your web proxy

Download to read offline
Technology

This talk intends to demonstrate how to improve web application security testing by combining browser automation framework and web proxy API. The goal of this research is to bring a web proxy as close as possible to a browser to achieve a better security testing coverage, especially when dealing with complex client-side technology. The presentation includes a montage of real case scenarios, showing how this approach can lead to the discovery of vulnerabilities which might otherwise go unnoticed.

Roberto Suggi Liverani
Roberto Suggi LiveraniPentester/Reseacher

Recommended

Window Shopping Browser - Bug Hunting in 2012 by
Window Shopping Browser - Bug Hunting in 2012Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012Roberto Suggi Liverani
3.1K views56 slides
Cross Context Scripting attacks & exploitation by
Cross Context Scripting attacks & exploitationCross Context Scripting attacks & exploitation
Cross Context Scripting attacks & exploitationRoberto Suggi Liverani
3.5K views69 slides
I got 99 trends and a # is all of them by
I got 99 trends and a # is all of themI got 99 trends and a # is all of them
I got 99 trends and a # is all of themRoberto Suggi Liverani
5.8K views122 slides
Exploiting Firefox Extensions by
Exploiting Firefox ExtensionsExploiting Firefox Extensions
Exploiting Firefox ExtensionsRoberto Suggi Liverani
3.5K views42 slides
Defending Against Application DoS attacks by
Defending Against Application DoS attacksDefending Against Application DoS attacks
Defending Against Application DoS attacksRoberto Suggi Liverani
5.1K views51 slides
Advanced Client Side Exploitation Using BeEF by
Advanced Client Side Exploitation Using BeEFAdvanced Client Side Exploitation Using BeEF
Advanced Client Side Exploitation Using BeEF1N3
11.3K views39 slides
Flash it baby! by
Flash it baby!Flash it baby!
Flash it baby!Soroush Dalili
7.6K views41 slides
Introducing OWASP OWTF Workshop BruCon 2012 by
Introducing OWASP OWTF Workshop BruCon 2012Introducing OWASP OWTF Workshop BruCon 2012
Introducing OWASP OWTF Workshop BruCon 2012Abraham Aranguren
6.4K views165 slides

More Related Content

What's hot

I'm in ur browser, pwning your stuff - Attacking (with) Google Chrome Extensions by
I'm in ur browser, pwning your stuff - Attacking (with) Google Chrome ExtensionsI'm in ur browser, pwning your stuff - Attacking (with) Google Chrome Extensions
I'm in ur browser, pwning your stuff - Attacking (with) Google Chrome ExtensionsKrzysztof Kotowicz
9.7K views49 slides
[Wroclaw #2] Web Application Security Headers by
[Wroclaw #2] Web Application Security Headers[Wroclaw #2] Web Application Security Headers
[Wroclaw #2] Web Application Security HeadersOWASP
1K views35 slides
Pwning mobile apps without root or jailbreak by
Pwning mobile apps without root or jailbreakPwning mobile apps without root or jailbreak
Pwning mobile apps without root or jailbreakAbraham Aranguren
12.2K views69 slides
Neat tricks to bypass CSRF-protection by
Neat tricks to bypass CSRF-protectionNeat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionMikhail Egorov
17.6K views38 slides
Smart Sheriff, Dumb Idea, the wild west of government assisted parenting by
Smart Sheriff, Dumb Idea, the wild west of government assisted parentingSmart Sheriff, Dumb Idea, the wild west of government assisted parenting
Smart Sheriff, Dumb Idea, the wild west of government assisted parentingAbraham Aranguren
16.2K views112 slides
Owasp web application security trends by
Owasp web application security trendsOwasp web application security trends
Owasp web application security trendsbeched
3.3K views45 slides
Bug bounties - cén scéal? by
Bug bounties - cén scéal?Bug bounties - cén scéal?
Bug bounties - cén scéal?Ciaran McNally
2.5K views24 slides
Silent web app testing by example - BerlinSides 2011 by
Silent web app testing by example - BerlinSides 2011Silent web app testing by example - BerlinSides 2011
Silent web app testing by example - BerlinSides 2011Abraham Aranguren
8.4K views109 slides
OWASP OWTF - Summer Storm - OWASP AppSec EU 2013 by
OWASP OWTF - Summer Storm - OWASP AppSec EU 2013OWASP OWTF - Summer Storm - OWASP AppSec EU 2013
OWASP OWTF - Summer Storm - OWASP AppSec EU 2013Abraham Aranguren
9.4K views177 slides
[OWASP Poland Day] Application security - daily questions & answers by
[OWASP Poland Day] Application security - daily questions & answers[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answersOWASP
379 views30 slides
Make CSRF Again by
Make CSRF AgainMake CSRF Again
Make CSRF AgainNetsparker
375 views37 slides
[OWASP Poland Day] Application frameworks' vulnerabilities by
[OWASP Poland Day] Application frameworks' vulnerabilities[OWASP Poland Day] Application frameworks' vulnerabilities
[OWASP Poland Day] Application frameworks' vulnerabilitiesOWASP
593 views30 slides
Tw noche geek quito webappsec by
Tw noche geek quito webappsecTw noche geek quito webappsec
Tw noche geek quito webappsecThoughtworks
1.8K views55 slides
Logical Attacks(Vulnerability Research) by
Logical Attacks(Vulnerability Research)Logical Attacks(Vulnerability Research)
Logical Attacks(Vulnerability Research)Ajay Negi
8.1K views32 slides
Legal and efficient web app testing without permission by
Legal and efficient web app testing without permissionLegal and efficient web app testing without permission
Legal and efficient web app testing without permissionAbraham Aranguren
5K views129 slides
[OWASP Poland Day] Web App Security Architectures by
[OWASP Poland Day] Web App Security Architectures[OWASP Poland Day] Web App Security Architectures
[OWASP Poland Day] Web App Security ArchitecturesOWASP
446 views31 slides
What’s wrong with WebSocket APIs? Unveiling vulnerabilities in WebSocket APIs. by
What’s wrong with WebSocket APIs? Unveiling vulnerabilities in WebSocket APIs.What’s wrong with WebSocket APIs? Unveiling vulnerabilities in WebSocket APIs.
What’s wrong with WebSocket APIs? Unveiling vulnerabilities in WebSocket APIs.Mikhail Egorov
6.1K views59 slides
Offensive (Web, etc) Testing Framework: My gift for the community - BerlinSid... by
Offensive (Web, etc) Testing Framework: My gift for the community - BerlinSid...Offensive (Web, etc) Testing Framework: My gift for the community - BerlinSid...
Offensive (Web, etc) Testing Framework: My gift for the community - BerlinSid...Abraham Aranguren
2.9K views58 slides
Owasp AppSecEU 2015 - BeEF Session by
Owasp AppSecEU 2015 - BeEF SessionOwasp AppSecEU 2015 - BeEF Session
Owasp AppSecEU 2015 - BeEF SessionBart Leppens
5.7K views71 slides
Continuous intrusion: Why CI tools are an attacker’s best friends by
Continuous intrusion: Why CI tools are an attacker’s best friendsContinuous intrusion: Why CI tools are an attacker’s best friends
Continuous intrusion: Why CI tools are an attacker’s best friendsNikhil Mittal
1.8K views65 slides

What's hot (20)

I'm in ur browser, pwning your stuff - Attacking (with) Google Chrome Extensions by Krzysztof Kotowicz
I'm in ur browser, pwning your stuff - Attacking (with) Google Chrome ExtensionsI'm in ur browser, pwning your stuff - Attacking (with) Google Chrome Extensions
I'm in ur browser, pwning your stuff - Attacking (with) Google Chrome Extensions
Krzysztof Kotowicz9.7K views
[Wroclaw #2] Web Application Security Headers by OWASP
[Wroclaw #2] Web Application Security Headers[Wroclaw #2] Web Application Security Headers
[Wroclaw #2] Web Application Security Headers
OWASP1K views
Pwning mobile apps without root or jailbreak by Abraham Aranguren
Pwning mobile apps without root or jailbreakPwning mobile apps without root or jailbreak
Pwning mobile apps without root or jailbreak
Abraham Aranguren12.2K views
Neat tricks to bypass CSRF-protection by Mikhail Egorov
Neat tricks to bypass CSRF-protectionNeat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protection
Mikhail Egorov17.6K views
Smart Sheriff, Dumb Idea, the wild west of government assisted parenting by Abraham Aranguren
Smart Sheriff, Dumb Idea, the wild west of government assisted parentingSmart Sheriff, Dumb Idea, the wild west of government assisted parenting
Smart Sheriff, Dumb Idea, the wild west of government assisted parenting
Abraham Aranguren16.2K views
Owasp web application security trends by beched
Owasp web application security trendsOwasp web application security trends
Owasp web application security trends
beched3.3K views
Bug bounties - cén scéal? by Ciaran McNally
Bug bounties - cén scéal?Bug bounties - cén scéal?
Bug bounties - cén scéal?
Ciaran McNally2.5K views
Silent web app testing by example - BerlinSides 2011 by Abraham Aranguren
Silent web app testing by example - BerlinSides 2011Silent web app testing by example - BerlinSides 2011
Silent web app testing by example - BerlinSides 2011
Abraham Aranguren8.4K views
OWASP OWTF - Summer Storm - OWASP AppSec EU 2013 by Abraham Aranguren
OWASP OWTF - Summer Storm - OWASP AppSec EU 2013OWASP OWTF - Summer Storm - OWASP AppSec EU 2013
OWASP OWTF - Summer Storm - OWASP AppSec EU 2013
Abraham Aranguren9.4K views
[OWASP Poland Day] Application security - daily questions & answers by OWASP
[OWASP Poland Day] Application security - daily questions & answers[OWASP Poland Day] Application security - daily questions & answers
[OWASP Poland Day] Application security - daily questions & answers
OWASP379 views
Make CSRF Again by Netsparker
Make CSRF AgainMake CSRF Again
Make CSRF Again
Netsparker375 views
[OWASP Poland Day] Application frameworks' vulnerabilities by OWASP
[OWASP Poland Day] Application frameworks' vulnerabilities[OWASP Poland Day] Application frameworks' vulnerabilities
[OWASP Poland Day] Application frameworks' vulnerabilities
OWASP593 views
Tw noche geek quito webappsec by Thoughtworks
Tw noche geek quito webappsecTw noche geek quito webappsec
Tw noche geek quito webappsec
Thoughtworks1.8K views
Logical Attacks(Vulnerability Research) by Ajay Negi
Logical Attacks(Vulnerability Research)Logical Attacks(Vulnerability Research)
Logical Attacks(Vulnerability Research)
Ajay Negi8.1K views
Legal and efficient web app testing without permission by Abraham Aranguren
Legal and efficient web app testing without permissionLegal and efficient web app testing without permission
Legal and efficient web app testing without permission
Abraham Aranguren5K views
[OWASP Poland Day] Web App Security Architectures by OWASP
[OWASP Poland Day] Web App Security Architectures[OWASP Poland Day] Web App Security Architectures
[OWASP Poland Day] Web App Security Architectures
OWASP446 views
What’s wrong with WebSocket APIs? Unveiling vulnerabilities in WebSocket APIs. by Mikhail Egorov
What’s wrong with WebSocket APIs? Unveiling vulnerabilities in WebSocket APIs.What’s wrong with WebSocket APIs? Unveiling vulnerabilities in WebSocket APIs.
What’s wrong with WebSocket APIs? Unveiling vulnerabilities in WebSocket APIs.
Mikhail Egorov6.1K views
Offensive (Web, etc) Testing Framework: My gift for the community - BerlinSid... by Abraham Aranguren
Offensive (Web, etc) Testing Framework: My gift for the community - BerlinSid...Offensive (Web, etc) Testing Framework: My gift for the community - BerlinSid...
Offensive (Web, etc) Testing Framework: My gift for the community - BerlinSid...
Abraham Aranguren2.9K views
Owasp AppSecEU 2015 - BeEF Session by Bart Leppens
Owasp AppSecEU 2015 - BeEF SessionOwasp AppSecEU 2015 - BeEF Session
Owasp AppSecEU 2015 - BeEF Session
Bart Leppens5.7K views
Continuous intrusion: Why CI tools are an attacker’s best friends by Nikhil Mittal
Continuous intrusion: Why CI tools are an attacker’s best friendsContinuous intrusion: Why CI tools are an attacker’s best friends
Continuous intrusion: Why CI tools are an attacker’s best friends
Nikhil Mittal1.8K views

Viewers also liked

XPath Injection by
XPath InjectionXPath Injection
XPath InjectionRoberto Suggi Liverani
7.1K views23 slides
Defcon Moscow #0x0A - Nikita Kislitsin APT "Advanced Persistent Threats" by
Defcon Moscow #0x0A - Nikita Kislitsin APT "Advanced Persistent Threats"Defcon Moscow #0x0A - Nikita Kislitsin APT "Advanced Persistent Threats"
Defcon Moscow #0x0A - Nikita Kislitsin APT "Advanced Persistent Threats"Defcon Moscow
1.8K views39 slides
Defcon Moscow #0x0A - Sergey Golovanov "Вредоносные программы для финансовых ... by
Defcon Moscow #0x0A - Sergey Golovanov "Вредоносные программы для финансовых ...Defcon Moscow #0x0A - Sergey Golovanov "Вредоносные программы для финансовых ...
Defcon Moscow #0x0A - Sergey Golovanov "Вредоносные программы для финансовых ...Defcon Moscow
2.2K views21 slides
Defcon Moscow #0x0A - Oleg Kupreev "Uncommon MiTM in uncommon conditions" by
Defcon Moscow #0x0A - Oleg Kupreev "Uncommon MiTM in uncommon conditions"Defcon Moscow #0x0A - Oleg Kupreev "Uncommon MiTM in uncommon conditions"
Defcon Moscow #0x0A - Oleg Kupreev "Uncommon MiTM in uncommon conditions"Defcon Moscow
3.7K views59 slides
Defcon Moscow #0x0A - Dmitry Nedospasov "WTFPGA?!" by
Defcon Moscow #0x0A - Dmitry Nedospasov "WTFPGA?!"Defcon Moscow #0x0A - Dmitry Nedospasov "WTFPGA?!"
Defcon Moscow #0x0A - Dmitry Nedospasov "WTFPGA?!"Defcon Moscow
2.2K views19 slides
Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker" by
Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker"Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker"
Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker"Defcon Moscow
2.9K views40 slides
[3.3] Detection & exploitation of Xpath/Xquery Injections - Boris Savkov by
[3.3] Detection & exploitation of Xpath/Xquery Injections - Boris Savkov[3.3] Detection & exploitation of Xpath/Xquery Injections - Boris Savkov
[3.3] Detection & exploitation of Xpath/Xquery Injections - Boris SavkovOWASP Russia
1.6K views27 slides
XML & XPath Injections by
XML & XPath InjectionsXML & XPath Injections
XML & XPath InjectionsAMol NAik
4.9K views37 slides
X-XSS-Nightmare: 1; mode=attack XSS Attacks Exploiting XSS Filter by
X-XSS-Nightmare: 1; mode=attack XSS Attacks Exploiting XSS FilterX-XSS-Nightmare: 1; mode=attack XSS Attacks Exploiting XSS Filter
X-XSS-Nightmare: 1; mode=attack XSS Attacks Exploiting XSS FilterMasato Kinugawa
38.8K views141 slides
Bypass file upload restrictions by
Bypass file upload restrictionsBypass file upload restrictions
Bypass file upload restrictionsMukesh k.r
31.8K views14 slides
Application security? Firewall it! by
Application security? Firewall it!Application security? Firewall it!
Application security? Firewall it!Positive Hack Days
519 views17 slides
XXE Exposed: SQLi, XSS, XXE and XEE against Web Services by
XXE Exposed: SQLi, XSS, XXE and XEE against Web ServicesXXE Exposed: SQLi, XSS, XXE and XEE against Web Services
XXE Exposed: SQLi, XSS, XXE and XEE against Web ServicesAbraham Aranguren
19.5K views37 slides

Viewers also liked (12)

XPath Injection by Roberto Suggi Liverani
XPath InjectionXPath Injection
XPath Injection
Roberto Suggi Liverani7.1K views
Defcon Moscow #0x0A - Nikita Kislitsin APT "Advanced Persistent Threats" by Defcon Moscow
Defcon Moscow #0x0A - Nikita Kislitsin APT "Advanced Persistent Threats"Defcon Moscow #0x0A - Nikita Kislitsin APT "Advanced Persistent Threats"
Defcon Moscow #0x0A - Nikita Kislitsin APT "Advanced Persistent Threats"
Defcon Moscow1.8K views
Defcon Moscow #0x0A - Sergey Golovanov "Вредоносные программы для финансовых ... by Defcon Moscow
Defcon Moscow #0x0A - Sergey Golovanov "Вредоносные программы для финансовых ...Defcon Moscow #0x0A - Sergey Golovanov "Вредоносные программы для финансовых ...
Defcon Moscow #0x0A - Sergey Golovanov "Вредоносные программы для финансовых ...
Defcon Moscow2.2K views
Defcon Moscow #0x0A - Oleg Kupreev "Uncommon MiTM in uncommon conditions" by Defcon Moscow
Defcon Moscow #0x0A - Oleg Kupreev "Uncommon MiTM in uncommon conditions"Defcon Moscow #0x0A - Oleg Kupreev "Uncommon MiTM in uncommon conditions"
Defcon Moscow #0x0A - Oleg Kupreev "Uncommon MiTM in uncommon conditions"
Defcon Moscow3.7K views
Defcon Moscow #0x0A - Dmitry Nedospasov "WTFPGA?!" by Defcon Moscow
Defcon Moscow #0x0A - Dmitry Nedospasov "WTFPGA?!"Defcon Moscow #0x0A - Dmitry Nedospasov "WTFPGA?!"
Defcon Moscow #0x0A - Dmitry Nedospasov "WTFPGA?!"
Defcon Moscow2.2K views
Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker" by Defcon Moscow
Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker"Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker"
Defcon Moscow #0x0A - Mikhail Firstov "Hacking routers as Web Hacker"
Defcon Moscow2.9K views
[3.3] Detection & exploitation of Xpath/Xquery Injections - Boris Savkov by OWASP Russia
[3.3] Detection & exploitation of Xpath/Xquery Injections - Boris Savkov[3.3] Detection & exploitation of Xpath/Xquery Injections - Boris Savkov
[3.3] Detection & exploitation of Xpath/Xquery Injections - Boris Savkov
OWASP Russia1.6K views
XML & XPath Injections by AMol NAik
XML & XPath InjectionsXML & XPath Injections
XML & XPath Injections
AMol NAik4.9K views
X-XSS-Nightmare: 1; mode=attack XSS Attacks Exploiting XSS Filter by Masato Kinugawa
X-XSS-Nightmare: 1; mode=attack XSS Attacks Exploiting XSS FilterX-XSS-Nightmare: 1; mode=attack XSS Attacks Exploiting XSS Filter
X-XSS-Nightmare: 1; mode=attack XSS Attacks Exploiting XSS Filter
Masato Kinugawa38.8K views
Bypass file upload restrictions by Mukesh k.r
Bypass file upload restrictionsBypass file upload restrictions
Bypass file upload restrictions
Mukesh k.r31.8K views
Application security? Firewall it! by Positive Hack Days
Application security? Firewall it!Application security? Firewall it!
Application security? Firewall it!
Positive Hack Days519 views
XXE Exposed: SQLi, XSS, XXE and XEE against Web Services by Abraham Aranguren
XXE Exposed: SQLi, XSS, XXE and XEE against Web ServicesXXE Exposed: SQLi, XSS, XXE and XEE against Web Services
XXE Exposed: SQLi, XSS, XXE and XEE against Web Services
Abraham Aranguren19.5K views

Similar to Augmented reality in your web proxy

(In)Security Implication in the JS Universe by
(In)Security Implication in the JS Universe(In)Security Implication in the JS Universe
(In)Security Implication in the JS UniverseStefano Di Paola
1.6K views49 slides
Building a full-stack app with Golang and Google Cloud Platform in one week by
Building a full-stack app with Golang and Google Cloud Platform in one weekBuilding a full-stack app with Golang and Google Cloud Platform in one week
Building a full-stack app with Golang and Google Cloud Platform in one weekDr. Felix Raab
186 views120 slides
JS digest. Mid-Summer 2017 by
JS digest. Mid-Summer 2017JS digest. Mid-Summer 2017
JS digest. Mid-Summer 2017ElifTech
667 views28 slides
Microservices for the Masses with Spring Boot, JHipster, and OAuth - South We... by
Microservices for the Masses with Spring Boot, JHipster, and OAuth - South We...Microservices for the Masses with Spring Boot, JHipster, and OAuth - South We...
Microservices for the Masses with Spring Boot, JHipster, and OAuth - South We...Matt Raible
357 views73 slides
Javascript toolkit-2.0 by
Javascript toolkit-2.0Javascript toolkit-2.0
Javascript toolkit-2.0Thoughtworks
1.5K views37 slides
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx 2015 by
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx 2015Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx 2015
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx 2015Matt Raible
6.7K views39 slides
Microservices for the Masses with Spring Boot, JHipster, and OAuth - Switzerl... by
Microservices for the Masses with Spring Boot, JHipster, and OAuth - Switzerl...Microservices for the Masses with Spring Boot, JHipster, and OAuth - Switzerl...
Microservices for the Masses with Spring Boot, JHipster, and OAuth - Switzerl...Matt Raible
237 views74 slides
Prototyping app using JS and HTML5 (Ciklum Kharkiv) by
Prototyping app using JS and HTML5 (Ciklum Kharkiv)Prototyping app using JS and HTML5 (Ciklum Kharkiv)
Prototyping app using JS and HTML5 (Ciklum Kharkiv)Yuriy Silvestrov
879 views26 slides
StrongLoop Overview by
StrongLoop OverviewStrongLoop Overview
StrongLoop OverviewShubhra Kar
2.3K views44 slides
Be ef presentation-securitybyte2011-michele_orru by
Be ef presentation-securitybyte2011-michele_orruBe ef presentation-securitybyte2011-michele_orru
Be ef presentation-securitybyte2011-michele_orruMichele Orru
2.7K views32 slides
Get Hip with JHipster - Denver JUG 2015 by
Get Hip with JHipster - Denver JUG 2015Get Hip with JHipster - Denver JUG 2015
Get Hip with JHipster - Denver JUG 2015Matt Raible
26.6K views35 slides
Microservices for the Masses with Spring Boot, JHipster, and OAuth - Jforum S... by
Microservices for the Masses with Spring Boot, JHipster, and OAuth - Jforum S...Microservices for the Masses with Spring Boot, JHipster, and OAuth - Jforum S...
Microservices for the Masses with Spring Boot, JHipster, and OAuth - Jforum S...Matt Raible
156 views75 slides
Gwt Deep Dive by
Gwt Deep DiveGwt Deep Dive
Gwt Deep DiveReturn on Intelligence
538 views84 slides
All levels of performance testing and monitoring in web-apps by
All levels of performance testing and monitoring in web-appsAll levels of performance testing and monitoring in web-apps
All levels of performance testing and monitoring in web-appsAndrii Skrypnychenko
132 views48 slides
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx France 2016 by
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx France 2016Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx France 2016
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx France 2016Matt Raible
5.5K views39 slides
JavaScript Revolution - 5/Nov/13 - PrDC Saskatoon, SK by
JavaScript Revolution - 5/Nov/13 - PrDC Saskatoon, SKJavaScript Revolution - 5/Nov/13 - PrDC Saskatoon, SK
JavaScript Revolution - 5/Nov/13 - PrDC Saskatoon, SKDavid Wesst
1.7K views63 slides
Quo vadis, JavaScript? Devday.pl keynote by
Quo vadis, JavaScript? Devday.pl keynoteQuo vadis, JavaScript? Devday.pl keynote
Quo vadis, JavaScript? Devday.pl keynoteChristian Heilmann
4.1K views81 slides
Pain Driven Development by Alexandr Sugak by
Pain Driven Development by Alexandr SugakPain Driven Development by Alexandr Sugak
Pain Driven Development by Alexandr SugakSigma Software
152 views42 slides
Azure and web sites hackaton deck by
Azure and web sites hackaton deckAzure and web sites hackaton deck
Azure and web sites hackaton deckAlexey Bokov
1.1K views30 slides
Choose Your Own Adventure with JHipster & Kubernetes - Utah JUG 2020 by
Choose Your Own Adventure with JHipster & Kubernetes - Utah JUG 2020Choose Your Own Adventure with JHipster & Kubernetes - Utah JUG 2020
Choose Your Own Adventure with JHipster & Kubernetes - Utah JUG 2020Matt Raible
249 views44 slides

Similar to Augmented reality in your web proxy (20)

(In)Security Implication in the JS Universe by Stefano Di Paola
(In)Security Implication in the JS Universe(In)Security Implication in the JS Universe
(In)Security Implication in the JS Universe
Stefano Di Paola1.6K views
Building a full-stack app with Golang and Google Cloud Platform in one week by Dr. Felix Raab
Building a full-stack app with Golang and Google Cloud Platform in one weekBuilding a full-stack app with Golang and Google Cloud Platform in one week
Building a full-stack app with Golang and Google Cloud Platform in one week
Dr. Felix Raab186 views
JS digest. Mid-Summer 2017 by ElifTech
JS digest. Mid-Summer 2017JS digest. Mid-Summer 2017
JS digest. Mid-Summer 2017
ElifTech667 views
Microservices for the Masses with Spring Boot, JHipster, and OAuth - South We... by Matt Raible
Microservices for the Masses with Spring Boot, JHipster, and OAuth - South We...Microservices for the Masses with Spring Boot, JHipster, and OAuth - South We...
Microservices for the Masses with Spring Boot, JHipster, and OAuth - South We...
Matt Raible357 views
Javascript toolkit-2.0 by Thoughtworks
Javascript toolkit-2.0Javascript toolkit-2.0
Javascript toolkit-2.0
Thoughtworks1.5K views
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx 2015 by Matt Raible
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx 2015Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx 2015
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx 2015
Matt Raible6.7K views
Microservices for the Masses with Spring Boot, JHipster, and OAuth - Switzerl... by Matt Raible
Microservices for the Masses with Spring Boot, JHipster, and OAuth - Switzerl...Microservices for the Masses with Spring Boot, JHipster, and OAuth - Switzerl...
Microservices for the Masses with Spring Boot, JHipster, and OAuth - Switzerl...
Matt Raible237 views
Prototyping app using JS and HTML5 (Ciklum Kharkiv) by Yuriy Silvestrov
Prototyping app using JS and HTML5 (Ciklum Kharkiv)Prototyping app using JS and HTML5 (Ciklum Kharkiv)
Prototyping app using JS and HTML5 (Ciklum Kharkiv)
Yuriy Silvestrov879 views
StrongLoop Overview by Shubhra Kar
StrongLoop OverviewStrongLoop Overview
StrongLoop Overview
Shubhra Kar2.3K views
Be ef presentation-securitybyte2011-michele_orru by Michele Orru
Be ef presentation-securitybyte2011-michele_orruBe ef presentation-securitybyte2011-michele_orru
Be ef presentation-securitybyte2011-michele_orru
Michele Orru2.7K views
Get Hip with JHipster - Denver JUG 2015 by Matt Raible
Get Hip with JHipster - Denver JUG 2015Get Hip with JHipster - Denver JUG 2015
Get Hip with JHipster - Denver JUG 2015
Matt Raible26.6K views
Microservices for the Masses with Spring Boot, JHipster, and OAuth - Jforum S... by Matt Raible
Microservices for the Masses with Spring Boot, JHipster, and OAuth - Jforum S...Microservices for the Masses with Spring Boot, JHipster, and OAuth - Jforum S...
Microservices for the Masses with Spring Boot, JHipster, and OAuth - Jforum S...
Matt Raible156 views
Gwt Deep Dive by Return on Intelligence
Gwt Deep DiveGwt Deep Dive
Gwt Deep Dive
Return on Intelligence538 views
All levels of performance testing and monitoring in web-apps by Andrii Skrypnychenko
All levels of performance testing and monitoring in web-appsAll levels of performance testing and monitoring in web-apps
All levels of performance testing and monitoring in web-apps
Andrii Skrypnychenko132 views
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx France 2016 by Matt Raible
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx France 2016Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx France 2016
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx France 2016
Matt Raible5.5K views
JavaScript Revolution - 5/Nov/13 - PrDC Saskatoon, SK by David Wesst
JavaScript Revolution - 5/Nov/13 - PrDC Saskatoon, SKJavaScript Revolution - 5/Nov/13 - PrDC Saskatoon, SK
JavaScript Revolution - 5/Nov/13 - PrDC Saskatoon, SK
David Wesst1.7K views
Quo vadis, JavaScript? Devday.pl keynote by Christian Heilmann
Quo vadis, JavaScript? Devday.pl keynoteQuo vadis, JavaScript? Devday.pl keynote
Quo vadis, JavaScript? Devday.pl keynote
Christian Heilmann4.1K views
Pain Driven Development by Alexandr Sugak by Sigma Software
Pain Driven Development by Alexandr SugakPain Driven Development by Alexandr Sugak
Pain Driven Development by Alexandr Sugak
Sigma Software152 views
Azure and web sites hackaton deck by Alexey Bokov
Azure and web sites hackaton deckAzure and web sites hackaton deck
Azure and web sites hackaton deck
Alexey Bokov1.1K views
Choose Your Own Adventure with JHipster & Kubernetes - Utah JUG 2020 by Matt Raible
Choose Your Own Adventure with JHipster & Kubernetes - Utah JUG 2020Choose Your Own Adventure with JHipster & Kubernetes - Utah JUG 2020
Choose Your Own Adventure with JHipster & Kubernetes - Utah JUG 2020
Matt Raible249 views

More from Roberto Suggi Liverani

None More Black - the Dark Side of SEO by
None More Black - the Dark Side of SEONone More Black - the Dark Side of SEO
None More Black - the Dark Side of SEORoberto Suggi Liverani
21K views58 slides
Bridging the gap - Security and Software Testing by
Bridging the gap - Security and Software TestingBridging the gap - Security and Software Testing
Bridging the gap - Security and Software TestingRoberto Suggi Liverani
1.2K views31 slides
Black Energy18 - Russian botnet package analysis by
Black Energy18 - Russian botnet package analysisBlack Energy18 - Russian botnet package analysis
Black Energy18 - Russian botnet package analysisRoberto Suggi Liverani
1.8K views48 slides
Web Spam Techniques by
Web Spam TechniquesWeb Spam Techniques
Web Spam TechniquesRoberto Suggi Liverani
78.8K views53 slides
Reversing JavaScript by
Reversing JavaScriptReversing JavaScript
Reversing JavaScriptRoberto Suggi Liverani
2.9K views48 slides
Ajax Security by
Ajax SecurityAjax Security
Ajax SecurityRoberto Suggi Liverani
2K views33 slides
Browser Security by
Browser SecurityBrowser Security
Browser SecurityRoberto Suggi Liverani
16.4K views28 slides

More from Roberto Suggi Liverani (7)

None More Black - the Dark Side of SEO by Roberto Suggi Liverani
None More Black - the Dark Side of SEONone More Black - the Dark Side of SEO
None More Black - the Dark Side of SEO
Roberto Suggi Liverani21K views
Bridging the gap - Security and Software Testing by Roberto Suggi Liverani
Bridging the gap - Security and Software TestingBridging the gap - Security and Software Testing
Bridging the gap - Security and Software Testing
Roberto Suggi Liverani1.2K views
Black Energy18 - Russian botnet package analysis by Roberto Suggi Liverani
Black Energy18 - Russian botnet package analysisBlack Energy18 - Russian botnet package analysis
Black Energy18 - Russian botnet package analysis
Roberto Suggi Liverani1.8K views
Web Spam Techniques by Roberto Suggi Liverani
Web Spam TechniquesWeb Spam Techniques
Web Spam Techniques
Roberto Suggi Liverani78.8K views
Reversing JavaScript by Roberto Suggi Liverani
Reversing JavaScriptReversing JavaScript
Reversing JavaScript
Roberto Suggi Liverani2.9K views
Ajax Security by Roberto Suggi Liverani
Ajax SecurityAjax Security
Ajax Security
Roberto Suggi Liverani2K views
Browser Security by Roberto Suggi Liverani
Browser SecurityBrowser Security
Browser Security
Roberto Suggi Liverani16.4K views

Recently uploaded

Enabling DPU Hardware Accelerators in XCP-ng Cloud Platform Environment - And... by
Enabling DPU Hardware Accelerators in XCP-ng Cloud Platform Environment - And...Enabling DPU Hardware Accelerators in XCP-ng Cloud Platform Environment - And...
Enabling DPU Hardware Accelerators in XCP-ng Cloud Platform Environment - And...ShapeBlue
166 views12 slides
Everything You Always Wanted to Know About AsyncAPI by
Everything You Always Wanted to Know About AsyncAPIEverything You Always Wanted to Know About AsyncAPI
Everything You Always Wanted to Know About AsyncAPIPostman
17 views25 slides
Initiating and Advancing Your Strategic GIS Governance Strategy by
Initiating and Advancing Your Strategic GIS Governance StrategyInitiating and Advancing Your Strategic GIS Governance Strategy
Initiating and Advancing Your Strategic GIS Governance StrategySafe Software
280 views68 slides
CyberSecurity Study Jam by
CyberSecurity Study JamCyberSecurity Study Jam
CyberSecurity Study JamSahilSingh368445
625 views14 slides
Optimizing Communication to Optimize Human Behavior - LCBM by
Optimizing Communication to Optimize Human Behavior - LCBMOptimizing Communication to Optimize Human Behavior - LCBM
Optimizing Communication to Optimize Human Behavior - LCBMYaman Kumar
46 views49 slides
Network eWaste : Community role to manage end of life Product by
Network eWaste : Community role to manage end of life ProductNetwork eWaste : Community role to manage end of life Product
Network eWaste : Community role to manage end of life ProductBangladesh Network Operators Group
26 views13 slides
Mobile Core Solutions & Successful Cases.pdf by
Mobile Core Solutions & Successful Cases.pdfMobile Core Solutions & Successful Cases.pdf
Mobile Core Solutions & Successful Cases.pdfIPLOOK Networks
20 views7 slides
Choosing the Right Flutter App Development Company by
Choosing the Right Flutter App Development CompanyChoosing the Right Flutter App Development Company
Choosing the Right Flutter App Development CompanyFicode Technologies
19 views9 slides
Transcript: Redefining the book supply chain: A glimpse into the future - Tec... by
Transcript: Redefining the book supply chain: A glimpse into the future - Tec...Transcript: Redefining the book supply chain: A glimpse into the future - Tec...
Transcript: Redefining the book supply chain: A glimpse into the future - Tec...BookNet Canada
58 views16 slides
The Mysterious Paradigm of Fuzzing by Rakesh Seal by
The Mysterious Paradigm of Fuzzing by Rakesh SealThe Mysterious Paradigm of Fuzzing by Rakesh Seal
The Mysterious Paradigm of Fuzzing by Rakesh Sealnull - The Open Security Community
20 views11 slides
Adopting Karpenter for Cost and Simplicity at Grafana Labs.pdf by
Adopting Karpenter for Cost and Simplicity at Grafana Labs.pdfAdopting Karpenter for Cost and Simplicity at Grafana Labs.pdf
Adopting Karpenter for Cost and Simplicity at Grafana Labs.pdfMichaelOLeary82
16 views74 slides
Five Ways to Automate API Testing with Postman by
Five Ways to Automate API Testing with PostmanFive Ways to Automate API Testing with Postman
Five Ways to Automate API Testing with PostmanPostman
48 views31 slides
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3 by
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3Elevating Event-Driven World: A Deep Dive into AsyncAPI v3
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3Postman
19 views32 slides
Qualifying SaaS, IaaS.pptx by
Qualifying SaaS, IaaS.pptxQualifying SaaS, IaaS.pptx
Qualifying SaaS, IaaS.pptxSachin Bhandari
1.2K views8 slides
[2024] GDSC India - Discover, Design, Develop.pdf.pdf by
[2024] GDSC India - Discover, Design, Develop.pdf.pdf[2024] GDSC India - Discover, Design, Develop.pdf.pdf
[2024] GDSC India - Discover, Design, Develop.pdf.pdfbcedsc
28 views19 slides
Digital Personal Data Protection (DPDP) Practical Approach For CISOs by
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
187 views59 slides
Redefining the book supply chain: A glimpse into the future - Tech Forum 2023 by
Redefining the book supply chain: A glimpse into the future - Tech Forum 2023Redefining the book supply chain: A glimpse into the future - Tech Forum 2023
Redefining the book supply chain: A glimpse into the future - Tech Forum 2023BookNet Canada
57 views19 slides
What is Authentication Active Directory_.pptx by
What is Authentication Active Directory_.pptxWhat is Authentication Active Directory_.pptx
What is Authentication Active Directory_.pptxHeenaMehta35
31 views7 slides
Cocktail of Environments. How to Mix Test and Development Environments and St... by
Cocktail of Environments. How to Mix Test and Development Environments and St...Cocktail of Environments. How to Mix Test and Development Environments and St...
Cocktail of Environments. How to Mix Test and Development Environments and St...Aleksandr Tarasov
27 views135 slides
Incremental data processing with Hudi & Spark + dbt.pdf by
Incremental data processing with Hudi & Spark + dbt.pdfIncremental data processing with Hudi & Spark + dbt.pdf
Incremental data processing with Hudi & Spark + dbt.pdfnadine39280
17 views20 slides

Recently uploaded (20)

Enabling DPU Hardware Accelerators in XCP-ng Cloud Platform Environment - And... by ShapeBlue
Enabling DPU Hardware Accelerators in XCP-ng Cloud Platform Environment - And...Enabling DPU Hardware Accelerators in XCP-ng Cloud Platform Environment - And...
Enabling DPU Hardware Accelerators in XCP-ng Cloud Platform Environment - And...
ShapeBlue166 views
Everything You Always Wanted to Know About AsyncAPI by Postman
Everything You Always Wanted to Know About AsyncAPIEverything You Always Wanted to Know About AsyncAPI
Everything You Always Wanted to Know About AsyncAPI
Postman17 views
Initiating and Advancing Your Strategic GIS Governance Strategy by Safe Software
Initiating and Advancing Your Strategic GIS Governance StrategyInitiating and Advancing Your Strategic GIS Governance Strategy
Initiating and Advancing Your Strategic GIS Governance Strategy
Safe Software280 views
CyberSecurity Study Jam by SahilSingh368445
CyberSecurity Study JamCyberSecurity Study Jam
CyberSecurity Study Jam
SahilSingh368445625 views
Optimizing Communication to Optimize Human Behavior - LCBM by Yaman Kumar
Optimizing Communication to Optimize Human Behavior - LCBMOptimizing Communication to Optimize Human Behavior - LCBM
Optimizing Communication to Optimize Human Behavior - LCBM
Yaman Kumar46 views
Network eWaste : Community role to manage end of life Product by Bangladesh Network Operators Group
Network eWaste : Community role to manage end of life ProductNetwork eWaste : Community role to manage end of life Product
Network eWaste : Community role to manage end of life Product
Bangladesh Network Operators Group26 views
Mobile Core Solutions & Successful Cases.pdf by IPLOOK Networks
Mobile Core Solutions & Successful Cases.pdfMobile Core Solutions & Successful Cases.pdf
Mobile Core Solutions & Successful Cases.pdf
IPLOOK Networks20 views
Choosing the Right Flutter App Development Company by Ficode Technologies
Choosing the Right Flutter App Development CompanyChoosing the Right Flutter App Development Company
Choosing the Right Flutter App Development Company
Ficode Technologies19 views
Transcript: Redefining the book supply chain: A glimpse into the future - Tec... by BookNet Canada
Transcript: Redefining the book supply chain: A glimpse into the future - Tec...Transcript: Redefining the book supply chain: A glimpse into the future - Tec...
Transcript: Redefining the book supply chain: A glimpse into the future - Tec...
BookNet Canada58 views
The Mysterious Paradigm of Fuzzing by Rakesh Seal by null - The Open Security Community
The Mysterious Paradigm of Fuzzing by Rakesh SealThe Mysterious Paradigm of Fuzzing by Rakesh Seal
The Mysterious Paradigm of Fuzzing by Rakesh Seal
null - The Open Security Community20 views
Adopting Karpenter for Cost and Simplicity at Grafana Labs.pdf by MichaelOLeary82
Adopting Karpenter for Cost and Simplicity at Grafana Labs.pdfAdopting Karpenter for Cost and Simplicity at Grafana Labs.pdf
Adopting Karpenter for Cost and Simplicity at Grafana Labs.pdf
MichaelOLeary8216 views
Five Ways to Automate API Testing with Postman by Postman
Five Ways to Automate API Testing with PostmanFive Ways to Automate API Testing with Postman
Five Ways to Automate API Testing with Postman
Postman48 views
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3 by Postman
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3Elevating Event-Driven World: A Deep Dive into AsyncAPI v3
Elevating Event-Driven World: A Deep Dive into AsyncAPI v3
Postman19 views
Qualifying SaaS, IaaS.pptx by Sachin Bhandari
Qualifying SaaS, IaaS.pptxQualifying SaaS, IaaS.pptx
Qualifying SaaS, IaaS.pptx
Sachin Bhandari1.2K views
[2024] GDSC India - Discover, Design, Develop.pdf.pdf by bcedsc
[2024] GDSC India - Discover, Design, Develop.pdf.pdf[2024] GDSC India - Discover, Design, Develop.pdf.pdf
[2024] GDSC India - Discover, Design, Develop.pdf.pdf
bcedsc28 views
Digital Personal Data Protection (DPDP) Practical Approach For CISOs by Priyanka Aash
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Priyanka Aash187 views
Redefining the book supply chain: A glimpse into the future - Tech Forum 2023 by BookNet Canada
Redefining the book supply chain: A glimpse into the future - Tech Forum 2023Redefining the book supply chain: A glimpse into the future - Tech Forum 2023
Redefining the book supply chain: A glimpse into the future - Tech Forum 2023
BookNet Canada57 views
What is Authentication Active Directory_.pptx by HeenaMehta35
What is Authentication Active Directory_.pptxWhat is Authentication Active Directory_.pptx
What is Authentication Active Directory_.pptx
HeenaMehta3531 views
Cocktail of Environments. How to Mix Test and Development Environments and St... by Aleksandr Tarasov
Cocktail of Environments. How to Mix Test and Development Environments and St...Cocktail of Environments. How to Mix Test and Development Environments and St...
Cocktail of Environments. How to Mix Test and Development Environments and St...
Aleksandr Tarasov27 views
Incremental data processing with Hudi & Spark + dbt.pdf by nadine39280
Incremental data processing with Hudi & Spark + dbt.pdfIncremental data processing with Hudi & Spark + dbt.pdf
Incremental data processing with Hudi & Spark + dbt.pdf
nadine3928017 views

Augmented reality in your web proxy

  • 1. Roberto Suggi Liverani - @malerisch Hamburg AppSec Research 2013 OWASP HackPra AllStars
  • 2. Who am I?  A guy who likes to find bugs   Speaker at various cons/events:  Hack in the Box, DefCON, EUSecWest, OWASP, HackPra  OWASP New Zealand Chapter Founder  Twitter: @malerisch  Research blog: blog.malerisch.net 2
  • 3. Outline  Challenges / Solutions  Introducing Burp CSJ / DEMOs  Stories from the automation world  Conclusions / Future plans 3
  • 4. Traditional testing approach 4 Web Proxy Web AppBrowser
  • 5. The concept of proxy suite 5 Web Proxy Suite Web App Intruder Spider Scanner Repeater
  • 6. The problem is… 6 Web App Web Proxy Web App Browser Web proxy originally design to focus on server-side technology Client-side technology shift A web app is designed to be used by a browser
  • 7. Combining technologies  How can we get a browser close to a web proxy or vice versa? 7 Browser Automation Framework Web Proxy API
  • 8. So what do we achieve? 8 Web Proxy Web AppBrowser Web Proxy Web AppBrowser 1 2 3
  • 9. Browser automation options…  Selenium  Browser automation framework  Crawljax  Crawler for Ajax apps based on Selenium  JUnit  Testing framework 9
  • 10. Selenium Server  Integrates Selenium RC  Launches and kills browsers  Interprets and runs Selenese commands  Supports Grid and nodes  Known as:  selenium-server-standalone  selenium-server 10
  • 11. Selenium Client & WebDriver  Based on WebDriver wire protocol – RESTful + JSON  Direct calls to browser  Multiple drivers available: Chrome, IE, Opera, Android, iPhone  Known as selenium-java 11
  • 12. Selenium IDE & JUnit  Create/Repeat/ Execute Test case  Firefox addon  Export to JUnit WebDriver 12
  • 13. Crawljax  Based on Selenium WebDriver APIs  State-flow interpretation of DOM states 13
  • 14. Crawljax 14 Paper: Crawling AJAX-Based Web Applications through Dynamic Analysis of User Interface State Changes
  • 15. Web proxy options…  Burp Extender API  Java/Python/Ruby  Scanner, Proxy, Repeater, Cookie, Target Session handling, HTTP requests/responses  ZAP API  RESTful interface  Spider, core, params, ascan, context auth, acsrf, autoupdate, pscan 15
  • 16. Crawljax - Pros  Why integrate Crawljax?  Augmented reality in your proxy  Increased coverage for complex web apps  Scalability with big/dynamic apps  Integrated in ZAP - Ajax Spider @GuifreRuiz - very cool work!  16
  • 17. JUnit - Pros 17  Why use JUnit?  Increase chances to discover hard-to-find bugs  Easily create repeatable sequence of steps  Reuse existing JUnit test-case  Leverage Burp session handling/macro
  • 18. So how to combine all this?  Created a burp extension (Burp CSJ)  Integrates Crawljax  Integrates JUnit test-case created via Selenium IDE 18 Source: https://github.com/malerisch/burp-csj Coded in Java using google, stackoverflow, a mix of guessing , luck and a lot of swearing…
  • 19. How it works… 19 Burp CSJ Web AppBrowser Crawljax Selenium IDE Selenium WebDriver Junit JDK
  • 20. Crawljax integration  Key Features  Support for Burp cookie jar  Support for multiple browsers, including remote webdriver  Support for multiple HTML elements  Exclusion list for crawling  Support for CrawlOverview plugin 20
  • 24. DEMO  Crawling a site with auth  Crawling a site with auth + remote web driver  DEMO 24
  • 25. JUnit Integration  Key Features  Import compiled Selenium IDE JUnit Test cases  Register test-case into Burp session handling  Test case can be invoked in the Macro editor  Interface to execute Junit test case 25
  • 27. DEMO  Launching JUnit test-case via Burp Proxy  Registering Junit Test-case via Burp and setting a macro  DEMO 27
  • 28. Burp CSJ Tips  Use Burp Spider + Crawljax for crawling and after scanning/attacking application  Create JUnit test cases for sequence which takes long time to repeat  Set Burp macro to use JUnit test case  When using JUnit with Burp CSJ, set the Cookie: header with Burp 28
  • 29. Stories from the automation world… 29
  • 30. base64 and command injection  Crawljax clicked on some pages with base64 encoded data  A scan was run before  Some of those pages content was decoded  Trace of ping command output were found  An indirect OS command injection was found! 30
  • 31. jQuery, toggle() and XSS  Complex app – use of jQuery  Lot of clickable elements which would invoke toggle()  Crawljax clicked element  New page added to Burp Target  Page vulnerable to XSS 31
  • 32. A nice deal…  Internet banking web app  Create a new payee (8 steps)  Perform money transfer (3 steps)  E.g. transfer 10000 JPY (=~ 76 EUR)  Attack: change currency but keep same amount  10k JPY deducted -> 10k EUR sent to other side! 32
  • 33. A nice shopping cart!  Vulnerable shopping cart  Special product item would decrease amount  Sequence of steps had to be performed before  JUnit test-cases made the difference 33
  • 34. Burp CSJ future  Expand Crawljax integration  Support plugin import feature  Expand JUnit Integration  Compile from Java Source directly…  Also change browser set in Junit test case…  Support for Burp cookie jar 34
  • 35. Conclusions  Combining automation is a different type of testing  Time for preparation needed  Not ideal for testers looking for quick wins  ROI is always in bugs discovery  … especially bugs with critical severity 35
  • 36. Questions? Roberto Suggi Liverani - @malerisch blog.malerisch.net  Source Code: https://github.com/malerisch/burp-csj  Tutorial: soon on blog.malerisch.net 36
  • 37. References  Blog – Roberto Suggi Liverani  http://blog.malerisch.net/  Twitter account - @malerisch  https://twitter.com/malerisch  Crawling AJAX-Based Web Applications through Dynamic Analysis of User Interface State Changes  http://www.ece.ubc.ca/~amesbah/docs/t web-final.pdf 37
  • 38. References  Crawljax  http://crawljax.com/  Selenium  http://docs.seleniumhq.org/  JUnit  http://junit.org/ 38
  • 39. References  Burp Extender API  http://portswigger.net/burp/extender/api/inde x.html  ZAP API  https://code.google.com/p/zaproxy/wiki/ApiD etails  Ajax spider in ZAP  https://code.google.com/p/zaproxy/wiki/GSo C2012_PluginACT 39

Report as inappropriate

*Required
Copyright Complaint

3 likes

views

Total views3,315
On Slideshare0
From embeds0
Number of embeds0