This post documents one of my findings from a bug bounty program. The program had around 20 web applications in scope. Luckily the first application I chose was a treasure trove of bugs, so that kept me busy for a while. When I decided to move on, I picked another one at random, which was the organisation’s recruitment application.| markitzeroday.com
This post details how to bypass firewalls to gain access to the Cardholder Data Environment (or CDE, to use the parlance of our times). End goal: to extract credit card data.
On many penetration test reports (including mine), the following is reported:
The Content-Disposition response header, when set to attachment, tells the browser to save the response body as a file rather than rendering it in the browser window.
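As an added illustration of the header mentioned in that excerpt (example code written for this page, not taken from the post), the function below builds a Content-Disposition value that forces a download while keeping an attacker-supplied filename from breaking out of the header. The function name and the test filenames are assumptions for the example.

```python
import re
from urllib.parse import quote

# Characters permitted in the plain ASCII filename= parameter; everything
# else (quotes, backslashes, spaces, non-ASCII) is replaced with "_".
_FALLBACK_BAD = re.compile(r'[^A-Za-z0-9._-]')


def content_disposition(filename: str, inline: bool = False) -> str:
    """Return a safe Content-Disposition header value (example helper).

    - "attachment" makes the browser save the body as a file; "inline"
      lets it render the body (for example in its PDF viewer) if it can.
    - CR, LF and NUL are rejected outright: a newline would terminate the
      header and let the caller of this function inject further headers
      or a body (response splitting).
    - Any directory component is dropped, so "../../etc/passwd" becomes
      "passwd" instead of being offered as a path to the user's browser.
    - The ASCII fallback keeps only letters, digits, dot, underscore and
      hyphen; when the original name contained anything else, the
      RFC 5987 filename* parameter carries the percent-encoded UTF-8 name.
    """
    if "\r" in filename or "\n" in filename or "\x00" in filename:
        raise ValueError("control characters not allowed in filename")
    # Normalise both separator styles before stripping the directory part.
    basename = filename.replace("\\", "/").rsplit("/", 1)[-1] or "download"
    ascii_name = _FALLBACK_BAD.sub("_", basename) or "download"
    disposition = "inline" if inline else "attachment"
    value = f'{disposition}; filename="{ascii_name}"'
    if ascii_name != basename:
        # Non-ASCII or special characters: add the encoded original name.
        value += f"; filename*=UTF-8''{quote(basename, safe='')}"
    return value


def download_headers(filename: str) -> dict:
    """Headers to send with user-supplied files (example helper).

    Pairing the attachment disposition with X-Content-Type-Options: nosniff
    stops the browser from second-guessing the declared Content-Type and
    rendering an uploaded HTML file as a page.
    """
    return {
        "Content-Disposition": content_disposition(filename),
        "X-Content-Type-Options": "nosniff",
    }


if __name__ == "__main__":
    for name in ("report.pdf", "../../etc/passwd", 'a"b.txt', "résumé.pdf"):
        print(repr(name), "->", content_disposition(name))
```

Calling `content_disposition('report.pdf')` yields `attachment; filename="report.pdf"`; a name such as `résumé.pdf` gets an ASCII fallback plus a `filename*` parameter, and a name containing a newline raises instead of being emitted.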
…or why you should ensure all Windows machines are domain joined.
Two important headers that can mitigate XSS are:
On a web test once I was having trouble finding any instances of cross-site scripting, which is very unusual.
…and why you should report it (maybe).
A site that I discovered was echoing everything on the query string and POST data into a <div> tag.
To start with, a quick recap on what Cross-Site Request Forgery is: