Fuzzing proprietary protocols with Scapy, radamsa and a handful of PCAPs
Introduction: As security consultants, we act as hired guns for our clients to perform black-box security testing of applications. Oftentimes we have to assess the security of applications that use their own proprietary schemes for communication, instead of relying on conventional protocols such as HTTP. Recently we were faced with a short-term engagement that involved […]
Turning Burp Scanner vulnerabilities into Splunk events
Introduction: Splunk is a fully featured, powerful platform for collecting, searching, monitoring, and analyzing machine data. It is widely used by Security Operations Center (SOC) teams to provide advanced security event monitoring, threat analytics, incident response, and cyber threat management. Burp Suite is a must-have web application attack proxy tool used by security analysts around […]
Leveraging Telegram as a command & control platform
Introduction: At Blaze, we are always looking for new ways to further improve our engagements. As every penetration tester knows, post-exploitation is a crucial step for successful compromise and further penetration deep inside the network. Maintaining a strong foothold within the target organization is key. Hence, we have created Blaze Telegram Backdoor Tool (bt2), a […]