Detectify
For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up to date with new findings, features and improvements sourced from our security researchers and our Crowdsource ethical hacker community. Due to confidentiality agreements, we cannot publicize every security update here, but all of them are added to our scanner immediately and are available to all users. This post highlights a few of the things we have improved in the last two weeks.
The following are some of the security vulnerabilities reported by Detectify Crowdsource ethical hackers. We added tests for them to the Detectify scanner on 29 November.
Yet another WordPress plugin that places its whole backup where anyone can download it. This continues to be a problem and shows the importance of disabling directory listing on the web server.
jQuery-File-Upload continues to be mentioned in security update after security update, and we still receive Crowdsource submissions describing new ways it can be used to compromise a system. We look forward to publishing a more detailed write-up in the future.
It is commonly known that Mac OS saves a file called .DS_Store in each directory, containing a list of the files in that directory. Because the file is hidden by default on Mac OS itself, people often upload it to websites by accident when they upload a whole folder.
Less known, although far from a secret, is that Windows has something similar called Thumbs.db. The file works the same way, storing a thumbnail of every image in the directory, and it gets uploaded by accident in exactly the same manner. Read more here: https://github.com/thinkski/vinetto
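Both the backup-exposure note above and the .DS_Store / Thumbs.db note come down to files that should never sit under a document root. The following is an added example (not Detectify's code, and not part of this post) of a pre-publish check a site owner can run over a folder before uploading it: it walks the tree and reports desktop metadata files and backup-looking archives. The file names and extensions it looks for are assumptions chosen for the example, and the sample directory it builds is constructed inline.

```python
"""Pre-publish hygiene check for a web document root (added example).

Walks a directory that is about to be uploaded or served and reports files
that commonly leak by accident: desktop metadata files that reveal directory
contents (.DS_Store) or image thumbnails (Thumbs.db), and backup archives or
database dumps that a plugin or admin may have dropped into the web root.
"""
import os
import tempfile
from pathlib import Path

# Desktop metadata files named in the post. Matched case-insensitively.
METADATA_FILES = {".ds_store", "thumbs.db"}

# Extensions typical of site or database backups. This list is an assumption
# of the example; extend it to match what your own tooling produces.
BACKUP_SUFFIXES = (".zip", ".tar.gz", ".tgz", ".sql", ".sql.gz", ".bak", ".old")


def classify(path):
    """Return a finding type for a file path, or None if it looks harmless."""
    name = Path(path).name.lower()
    if name in METADATA_FILES:
        return "metadata-file"
    if name.endswith(BACKUP_SUFFIXES):
        return "backup-archive"
    return None


def find_leaky_files(root):
    """Walk `root` and return sorted (finding_type, relative_posix_path) tuples."""
    root = Path(root)
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for fname in filenames:
            full = Path(dirpath) / fname
            kind = classify(full)
            if kind is not None:
                findings.append((kind, full.relative_to(root).as_posix()))
    return sorted(findings)


def build_sample_tree(base):
    """Constructed sample document root for demonstration; not real site data."""
    base = Path(base)
    uploads = base / "wp-content" / "uploads"
    uploads.mkdir(parents=True)
    (uploads / "photo.jpg").write_bytes(b"\xff\xd8\xff")          # ordinary image
    (uploads / "Thumbs.db").write_bytes(b"")                      # Windows thumbnail cache
    (base / ".DS_Store").write_bytes(b"\x00\x00\x00\x01Bud1")     # macOS folder metadata
    (base / "wp-content" / "backup-2018-11-29.zip").write_bytes(b"PK\x03\x04")  # plugin backup
    (base / "index.php").write_text("<?php echo 'hello';")
    return base


def demo_findings():
    """Build the sample tree in a temp dir, scan it and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        return find_leaky_files(build_sample_tree(tmp))


if __name__ == "__main__":
    for kind, rel in demo_findings():
        print(f"{kind:16} {rel}")
```

Run it against the folder you are about to upload and treat every line of output as something to delete or move out of the web root. The same two name lists double as a deny rule on the web server (block requests for `.DS_Store` and `Thumbs.db`, and keep backups outside the document root altogether), which catches the files even when the pre-upload check is skipped.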
For this release, our own security researchers spent time on Struts, implementing tests for a large number of known vulnerabilities and making sure all of the tests work as they should.