
SonarSource CodeAdvent Security Calendar 2021 Notes

Notes related to RipsTech/SonarSource CodeAdvent Security Calendar 2021. Day 1 Line 13: The code registers a handler for message events and writes the event’s data directly into the DOM...

Joern Cheat Sheet

Joern Notes. Joern is a static analyzer that can be used to create code property graphs and query them fairly easily. This is a good alternative to CodeQL since analyzing with Joern doesn’t require you...

Exploit Education - Phoenix Notes

Exploit Education Notes The image can be downloaded from https://exploit.education/phoenix/, and can be extracted and executed using tar xJf exploit-education-phoenix-amd64-v1.0.0-alpha-3.tar.xz ...

SuiteCRM - Phar Deserialization to Code Execution

This is a copy of a blog which I recently published on Snyk: https://snyk.io/blog/suitecrm-phar-deserialization-vulnerability-to-code-execution/ Introduction. SuiteCRM is a free and open source Cus...

Fuzzing with Go-Fuzz

Fuzzing can often be a very useful technique for finding bugs. Go-fuzz is a coverage-guided fuzzing solution for testing of Go packages. This blog post will walk you through how to use it ...

ADempiere Unsafe Deserialization to Code Execution

Introduction. Deserializing user-controlled object streams at runtime can allow attackers to execute arbitrary code on the server, abuse application logic, and/or lead to denial of service. Java se...

OpenCATS PHP Object Injection to Arbitrary File Write

Introduction OpenCATS is an application tracking system that is written in PHP. More about OpenCATS can be seen here: https://www.opencats.org/. OpenCATS is vulnerable to PHP Object injection, by ...

PHP Object Injection Exploitation Notes

Notes I’ve written and collected about PHP deserialization. Introduction: serialize and unserialize. Serialization functions are commonly used within software to store data to a file, a memory buff...

Code Security Advent Calendar 2020 Answers

SonarSource is a company focused on code quality and static analysis. This year, SonarSource, along with RIPS Technologies, will be tweeting code challenges from real-world vulnerabilities on their ...

Writing AngularJS Security Semantic Rules using Semgrep

AngularJS Security is something I have looked into in the past. In 2016, I conducted a workshop on AngularJS Security in MWR’s MWRICON which highlighted some common security issues and how they cou...