Here phishy phishy : How to recognize phishing

Here phishy phishy... - source: Combell According to our latest research, which can be seen in this video , an astonishing 32% of employees click on phishing URL's, and 1 in 5 emails can be considered as malicious. But what makes a phishing attack successful? Are we really that naive to let ourselves become phishing … Continue reading Here phishy phishy : How to recognize phishing

Using Burp’s session Handling Rules to insert authorization cookies into Intruder, Repeater and even sqlmap

The problem.... Recently, NVISO was tasked to do a penetration test on a web application that had very short authenticated sessions and that implemented anti CSRF tokens. This presented a unique challenge, as most of our automated tools and techniques had no reliable way of working as the base requests that were being used as … Continue reading Using Burp’s session Handling Rules to insert authorization cookies into Intruder, Repeater and even sqlmap