Skip to content

Endpoint Security

Followings are the interesting blogs from Endpoint Security domain:

To Know more about Endpoint Security Products & Services,

Sign In to FireCompass for FREE !!

Attack & Defend LLMNR: A Widespread Shadow Network Discovery Protocol

Link-Local Multicast Name Resolution (LLMNR), a seemingly important protocol in Windows environments, can be a silent accomplice for cyber adversaries seeking to exploit network vulnerabilities. Let us understand the technical intricacies of LLMNR and unravel how it can be exploited for reconnaissance purposes, examining each step from a Red Teamer’s perspective. Understanding LLMNR LLMNR is… Read More »Attack & Defend LLMNR: A Widespread Shadow Network Discovery Protocol

NoSQL, means “not only SQL,” refers to a broad category of database technologies that are intended to manage huge volumes of unstructured and semi-structured data.

Detecting NoSQL Injection

SQL Injection is an evergreen vulnerability being discovered on a regular basis in enterprise products and open source libraries as shown by the below chart. Apart from SQL Injection, there are multiple types of injection vulnerabilities such as Command Injection, Nosql injection, OS injection, HTML injection etc. Over the past 10 years, NoSQL databases have… Read More »Detecting NoSQL Injection

How do attackers utilize .git

How Do Attackers Utilize .git For Fun And Profit?

Security teams are busy fixing CVEs, SQLi, and other critical vulnerabilities. However, exposing .git can potentially leak credentials, source code and other sensitive information. In this blog, we will uncover the dangers of hidden exposed .git, and how to identify and mitigate the relevant risk. Introduction In the realm of software development, Git stands as… Read More »How Do Attackers Utilize .git For Fun And Profit?

FC Attacking Modern Web Applications

Attacking Modern Web Applications

In the realm of contemporary of Modern web applications, the prevalent architectural framework of choice often takes the form of microservices architecture. In this context, what appears to be a unified front-end application is essentially an amalgamation of numerous small, distinct micro-services on the back end, interconnected through a reverse proxy mechanism. Consider, for instance,… Read More »Attacking Modern Web Applications