ITSEC Newsletter 2023-09-28

Red team is best team

Author

Henrik Falk
September 28, 2023

DOM Invader and the case of direct eval vs indirect eval

What is DOM Invader? DOM Invader is a browser extension that makes it easy to find DOM based XSS by instrumenting various JavaScript functions. You can find out more about DOM Invader here: Introducin

portswigger.net/blog/dom-invader-and-the-case-of-direct-eval-vs-indirect-eval

"You might have encountered a situation where a site will throw an exception from the eval function when DOM Invader is enabled, but not when DOM Invader is disabled. Why is that? To understand what's going on, we first need to know the difference between a direct and an indirect call to eval. This post is going to summarise and simplify the definition of direct/indirect calls to eval. If you are interested in more technical details then I recommend the post by kangax."

Memory Safety: An Explainer - Center for Security and Emerging Technology

Memory safety issues remain endemic in cybersecurity and are often seen as a never-ending source of cyber vulnerabilities. Recently the topic has increased in prominence with the White House Office of the National Cyber Director (ONCD) releasing a request for comments on how to strengthen the open-source ecosystem. But what exactly is memory safety? This blog describes the historical antecedents in computing that helped create one aspect of today’s insecure cyber ecosystem. There will be no quick fixes, but there is encouraging progress towards addressing these long-standing security issues.

cset.georgetown.edu/article/memory-safety-an-explainer

"Memory safety is often seen as a never-ending source of cybersecurity problems and, thus, is increasingly cited as a high-priority issue in cybersecurity policy and strategy. It has been a hotly debated topic in computer security for decades, and fortunately, is not as complicated as some computer science textbooks make it seem. The cybersecurity issues surrounding memory safety are primarily rooted in two fundamental aspects of modern computing: The lack of strict separation in memory between code and data; and, The prevalence of widely used programming languages (primarily C/C++) that make introducing memory safety errors common. This blog post attempts to bridge the gap between fundamental computer science challenges in memory safety, and their relation to cybersecurity in order to inform policy options."

JA4+ Network Fingerprinting

TL;DR

blog.foxio.io/ja4-network-fingerprinting-9376fe9ca637

"In this blog I go over the new JA4+ network fingerprinting methods and examples of what they can detect. JA4+ provides a suite of modular network fingerprints that are easy to use and easy to share, replacing the JA3 TLS fingerprinting standard from 2017. These methods are both human and machine readable to facilitate more effective threat-hunting and analysis. The use-cases for these fingerprints include scanning for threat actors, malware detection, session hijacking prevention, compliance automation, location tracking, DDoS detection, grouping of threat actors, reverse shell detection, and many more."

Writing a Debugger From Scratch - DbgRs Part 5 - Breakpoints

(New to this series? Consider starting from part 1) At the end of the last post, we started to get some interesting functionality with the ability to resolve addresses to names in a module. This was the last functionality missing before we could implement breakpoints! This part adds the ability for DbgRs to set hardware breakpoints. The code for this post is in the part5 branch on github. You can also view the changes from part4.

www.timdbg.com/posts/writing-a-debugger-from-scratch-part-5

"At the end of the last post, we started to get some interesting functionality with the ability to resolve addresses to names in a module. This was the last functionality missing before we could implement breakpoints! This part adds the ability for DbgRs to set hardware breakpoints."