Portcullis Labs » Whitepapers https://labs.portcullis.co.uk Research and Development en-US hourly 1 http://wordpress.org/?v=3.8.5 Web Application Whitepaper https://labs.portcullis.co.uk/whitepapers/web-application-whitepaper/ https://labs.portcullis.co.uk/whitepapers/web-application-whitepaper/#comments Wed, 06 Sep 2017 11:12:46 +0000 https://labs.portcullis.co.uk/?p=6078 This document aims to analyse and explore data collected from technical assurance engagements during 2016. The original piece of data analysis was performed by two of our interns (Daniel and Chris) as part of Cisco’s intended contribution to the next Top 10 publication from OWASP however due to time constraints, our data points were not […]

The post Web Application Whitepaper appeared first on Portcullis Labs.

]]>
This document aims to analyse and explore data collected from technical assurance engagements during 2016.

The original piece of data analysis was performed by two of our interns (Daniel and Chris) as part of Cisco’s intended contribution to the next Top 10 publication from OWASP however due to time constraints, our data points were not submitted. As a result, the co-authors (Simone and Isa) chose to compare the EMEAR team’s statistics from 2016 against the now public 2017 Top 10 published by OWASP. Additionally, they also took a look at the most common web application issues reported by the Team during the last year and analysed their impact and severity.

WAW
WAW.pdf
September 6, 2017
Version: 1.0
925.6 KiB
MD5 hash: 0986d3ab7f6f55c71199296189ce5f62
Details

The post Web Application Whitepaper appeared first on Portcullis Labs.

]]>
https://labs.portcullis.co.uk/whitepapers/web-application-whitepaper/feed/ 0
Hacking the Belkin E Series Omniview 2-Port KVM Switch https://labs.portcullis.co.uk/whitepapers/hacking-the-belkin-e-series-omniview-2-port-kvm-switch/ https://labs.portcullis.co.uk/whitepapers/hacking-the-belkin-e-series-omniview-2-port-kvm-switch/#comments Wed, 05 Apr 2017 06:44:37 +0000 https://labs.portcullis.co.uk/?p=5726 Too frequently security professionals only consider software vulnerabilities when considering the risks of connecting devices to their networks and systems. When it comes to considering potential risks of connected devices and the Internet of Things, not only must security professionals consider potential vulnerabilities in the software and firmware of these systems, but also physical vulnerabilities […]

The post Hacking the Belkin E Series Omniview 2-Port KVM Switch appeared first on Portcullis Labs.

]]>
Too frequently security professionals only consider software vulnerabilities when considering the risks of connecting devices to their networks and systems. When it comes to considering potential risks of connected devices and the Internet of Things, not only must security professionals consider potential vulnerabilities in the software and firmware of these systems, but also physical vulnerabilities in hardware.  This document considers the potential risk posed by hardware modification of seemingly innocuous hardware devices attached to critical systems, by showing how a simple KVM switch can be modified for use as a key logger.

Talos BelkinWhitePaper Final
547.3 KiB
MD5 hash: 20411b5e5d2ff1c17d09b73ded5172c6
Details
HackingBelkinKVMSwitch
15.5 KiB
MD5 hash: f1bbdcd02742a66a6234f9f31b388227
Details

The post Hacking the Belkin E Series Omniview 2-Port KVM Switch appeared first on Portcullis Labs.

]]>
https://labs.portcullis.co.uk/whitepapers/hacking-the-belkin-e-series-omniview-2-port-kvm-switch/feed/ 0
SSL Good Practice Guide https://labs.portcullis.co.uk/whitepapers/ssl-good-practice-guide/ https://labs.portcullis.co.uk/whitepapers/ssl-good-practice-guide/#comments Fri, 11 Apr 2014 05:00:53 +0000 https://labs.portcullis.co.uk/?p=1842 This document discusses a number of attack vectors for SSL and TLS, offering real world examples where it can. It also offers advice on how to protect and correctly configure, with the goal of helping ensure that SSL services have a minimised attack surface.

The post SSL Good Practice Guide appeared first on Portcullis Labs.

]]>
This document discusses a number of attack vectors for SSL and TLS, offering real world examples where it can.

It also offers advice on how to protect and correctly configure, with the goal of helping ensure that SSL services have a minimised attack surface.

SSLGPG
SSLGPG-1.4.pdf
September 23, 2015
Version: 1.4
578.6 KiB
MD5 hash: f1d0976053e839a85dd19259ba26b0c0
Details
SSLGPG
SSLGPG-1.2.pdf
April 10, 2014
Version: 1.2
584.5 KiB
MD5 hash: 1c660fa51cb46805ee76a515aa330005
Details
SSLGPG
SSLGPG-1.1.pdf
April 1, 2014
Version: 1.1
578.0 KiB
MD5 hash: 47029e16f8d2ccf5f041d368722c40b7
Details
SSLGPG
SSLGPG.pdf
September 20, 2013
576.1 KiB
MD5 hash: eb0599b73eb8f3ef5110d30e14acb32e
Details

The post SSL Good Practice Guide appeared first on Portcullis Labs.

]]>
https://labs.portcullis.co.uk/whitepapers/ssl-good-practice-guide/feed/ 0
SSL Certificate Good Practice Guide https://labs.portcullis.co.uk/whitepapers/ssl-certificate-good-practice-guide/ https://labs.portcullis.co.uk/whitepapers/ssl-certificate-good-practice-guide/#comments Mon, 03 Feb 2014 17:03:24 +0000 https://labs.portcullis.co.uk/?p=3451 This document is not intended to be a definitive guide, but more of a review of the specific commonly identified issues resulting from the inappropriate deployment of SSL certificates on internal services within a corporate environment. Whilst this document is not intended to be definitive, Portcullis believes that it should provide a high level summary […]

The post SSL Certificate Good Practice Guide appeared first on Portcullis Labs.

]]>
This document is not intended to be a definitive guide, but more of a review of the specific commonly identified issues resulting from the inappropriate deployment of SSL certificates on internal services within a corporate environment.

Whilst this document is not intended to be definitive, Portcullis believes that it should provide a high level summary of the issues that are typically present in such an environment, along with proposals as to how they can be mitigated.

SSLCGPG
SSLCGPG-1.2.pdf
September 24, 2015
Version: 1.2
543.4 KiB
MD5 hash: 5cb28138af43c817092f9d09dc548df6
Details
SSLCGPG
SSLCGPG.pdf
February 3, 2014
542.8 KiB
MD5 hash: 881c9e4e53d998379d7ee61cf6299f9a
Details

The post SSL Certificate Good Practice Guide appeared first on Portcullis Labs.

]]>
https://labs.portcullis.co.uk/whitepapers/ssl-certificate-good-practice-guide/feed/ 0
Memory Squatting: Attacks On System V Shared Memory https://labs.portcullis.co.uk/whitepapers/memory-squatting-attacks-on-system-v-shared-memory/ https://labs.portcullis.co.uk/whitepapers/memory-squatting-attacks-on-system-v-shared-memory/#comments Wed, 13 Nov 2013 03:26:00 +0000 https://labs.portcullis.co.uk/?p=2403 Rather than representing a definitive guide, this document represents a review of the specific security issues identified during Portcullis Computer Security Ltd’s recent research into System V shared memory segments and their usage. What follows should, however, provide a high-level summary of issues, impacts and methods of remediation in cases where System V shared memory […]

The post Memory Squatting: Attacks On System V Shared Memory appeared first on Portcullis Labs.

]]>
Rather than representing a definitive guide, this document represents a review of the specific security issues identified during Portcullis Computer Security Ltd’s recent research into System V shared memory segments and their usage.

What follows should, however, provide a high-level summary of issues, impacts and methods of remediation in cases where System V shared memory segments are used in an insecure fashion. This paper was released as part of my presentation at 44CON 2013 entitled “I miss LSD“.

MSAOSVSM
MSAOSVSM.pdf
November 13, 2013
569.3 KiB
MD5 hash: 2511c7c09b51f39b74f37ed5e79fe1b5
Details

The post Memory Squatting: Attacks On System V Shared Memory appeared first on Portcullis Labs.

]]>
https://labs.portcullis.co.uk/whitepapers/memory-squatting-attacks-on-system-v-shared-memory/feed/ 0
HTML 5 Good Practice Guide https://labs.portcullis.co.uk/whitepapers/html-5-good-practice-guide/ https://labs.portcullis.co.uk/whitepapers/html-5-good-practice-guide/#comments Fri, 26 Apr 2013 17:54:06 +0000 http://wordpress.65535.com/blogtest/?p=106 This document is not intended to be a definitive guide, but more of a review of the specific security issues resulting from the use of HTML 5. Portcullis was asked to provide consultancy in the form of analysis and good practice recommendations with respect to migrations from Flash to HTML 5. Whilst this document is […]

The post HTML 5 Good Practice Guide appeared first on Portcullis Labs.

]]>
This document is not intended to be a definitive guide, but more of a review of the specific security issues resulting from the use of HTML 5.

Portcullis was asked to provide consultancy in the form of analysis and good practice recommendations with respect to migrations from Flash to HTML 5.

Whilst this document is not intended to be a definitive guide, Portcullis believes that it should provide a high level summary of the pros and cons of the proposed migration.

HTML5GPG
HTML5GPG.pdf
April 26, 2013
383.1 KiB
MD5 hash: 419f5768fc2814c6e1eeaa774ba42148
Details

The post HTML 5 Good Practice Guide appeared first on Portcullis Labs.

]]>
https://labs.portcullis.co.uk/whitepapers/html-5-good-practice-guide/feed/ 0
Web Application Password Reset Good Practice Guide https://labs.portcullis.co.uk/whitepapers/web-application-password-reset-good-practice-guide/ https://labs.portcullis.co.uk/whitepapers/web-application-password-reset-good-practice-guide/#comments Fri, 26 Apr 2013 17:53:01 +0000 http://wordpress.65535.com/blogtest/?p=102 Over the years of application testing we have seen many bad password reset implementations, so we have put together a good practice guide to help design a secure process for your applications. This document aims to detail the key features of secure password reset procedures which can be used within web applications. As well as […]

The post Web Application Password Reset Good Practice Guide appeared first on Portcullis Labs.

]]>
Over the years of application testing we have seen many bad password reset implementations, so we have put together a good practice guide to help design a secure process for your applications.

This document aims to detail the key features of secure password reset procedures which can be used within web applications. As well as detailing these feature is gives examples of how the reset can be done.

PRGPG
PRGPG.pdf
April 26, 2013
355.9 KiB
MD5 hash: 7aeb675c0aad6501eddb10ba3fd125b3
Details

The post Web Application Password Reset Good Practice Guide appeared first on Portcullis Labs.

]]>
https://labs.portcullis.co.uk/whitepapers/web-application-password-reset-good-practice-guide/feed/ 0
Apple iOS In the Workplace https://labs.portcullis.co.uk/whitepapers/apple-ios-in-the-workplace/ https://labs.portcullis.co.uk/whitepapers/apple-ios-in-the-workplace/#comments Wed, 16 Feb 2011 17:57:31 +0000 http://wordpress.65535.com/blogtest/?p=124 This document discusses the security of Apple iOS with particular focus on its usage in the workplace. The intended audience for this is technical/managerial, that is to say, in parts it will be moderately technical, but the key focus will be the provision of information to those planning or evaluating roll outs of iOS based […]

The post Apple iOS In the Workplace appeared first on Portcullis Labs.

]]>
This document discusses the security of Apple iOS with particular focus on its usage in the workplace.

The intended audience for this is technical/managerial, that is to say, in parts it will be moderately technical, but the key focus will be the provision of information to those planning or evaluating roll outs of iOS based devices in order that they are able to accurately understand the risks associated with this.

IOSinTheWorkplace-WPIOS2011
1.1 MiB
MD5 hash: b36063ebf62406da23afbad2ef455be1
Details

The post Apple iOS In the Workplace appeared first on Portcullis Labs.

]]>
https://labs.portcullis.co.uk/whitepapers/apple-ios-in-the-workplace/feed/ 0
Firefox Lockdown https://labs.portcullis.co.uk/whitepapers/firefox-lockdown/ https://labs.portcullis.co.uk/whitepapers/firefox-lockdown/#comments Fri, 26 Apr 2013 17:55:02 +0000 http://wordpress.65535.com/blogtest/?p=110 Firefox can be locked down similar to Internet Explorer, and this guide will give you the relevant information that is needed to create a secure, locked-down configuration, to restrict knowledgeable users actions into manipulating Firefox for their own needs. With Firefox’s popularity rising on a day-by-day basis, many corporate environments are starting to employ the […]

The post Firefox Lockdown appeared first on Portcullis Labs.

]]>
Firefox can be locked down similar to Internet Explorer, and this guide will give you the relevant information that is needed to create a secure, locked-down configuration, to restrict knowledgeable users actions into manipulating Firefox for their own needs.

With Firefox’s popularity rising on a day-by-day basis, many corporate environments are starting to employ the power of Firefox as their default browser. This document explains how, with insufficient restrictions or lock-downs Firefox becomes a powerful client controlled web browser that a sophisticated user can manipulate for their own benefits.

LockingDownFirefox
LockingDownFirefox.pdf
April 26, 2013
222.6 KiB
MD5 hash: e33cb0403e88a908066b63cae72ccf64
Details

The post Firefox Lockdown appeared first on Portcullis Labs.

]]>
https://labs.portcullis.co.uk/whitepapers/firefox-lockdown/feed/ 0
XSS Tunnelling https://labs.portcullis.co.uk/whitepapers/xss-tunnelling/ https://labs.portcullis.co.uk/whitepapers/xss-tunnelling/#comments Fri, 26 Apr 2013 17:42:49 +0000 http://wordpress.65535.com/blogtest/?p=97 XSS Tunnelling is the tunnelling of HTTP traffic through an XSS Channel to use virtually any application that supports HTTP proxies. This paper explains the idea and the real world implementation.

The post XSS Tunnelling appeared first on Portcullis Labs.

]]>
XSS Tunnelling is the tunnelling of HTTP traffic through an XSS Channel to use virtually any application that supports HTTP proxies. This paper explains the idea and the real world implementation.

XSS-Tunnelling
XSS-Tunnelling.pdf
April 26, 2013
257.4 KiB
MD5 hash: 6fc8c1b79fd57a8e351b1b1c8ecdbdb5
Details

The post XSS Tunnelling appeared first on Portcullis Labs.

]]>
https://labs.portcullis.co.uk/whitepapers/xss-tunnelling/feed/ 0