
nVisium Top 3: Rails edition

Live   40:24min   03/20/2015

This is the third episode of SecCasts Live and is hosted by Ken Johnson. Ken discusses the top 3 most prevalent and most harmful Ruby on Rails security vulnerabilities: Mass Assignment, Injection, and Metaprogramming.

Rails - OWASP Top 10, A8 (CSRF)

Builder   12:09min   03/06/2015

This tutorial discusses Cross-Site Request Forgery (CSRF), Rails anti-CSRF mechanisms, and common mistakes in Rails applications, and includes a demonstration of the attack.

Building Secure Android Apps

Live   25:23min   02/19/2015

This is the second episode of SecCasts Live and is hosted by Jack Mannino. Jack explores the Lollipop Android distribution, discusses what has changed, and shows how to leverage the new APIs to enhance your Android application's security level.

Exploring Obscure Web App Vulnerabilities

Live   1:30:08min   01/15/2015

This is the first episode of SecCasts Live and it is hosted by Tim Tomes. Tim explores obscure web application vulnerabilities such as Session Fixation, Method Interchange, and CSRF.

Rails - OWASP Top 10, A7 (Access Control)

Builder   9:02min   01/09/2015

This tutorial discusses Missing Function Level Access Control and how it occurs in Rails applications. This category of weakness is listed as OWASP's A7 category. We demonstrate weaknesses in access control as well as defensive measures.

Time-Based Username Enumeration

Breaker   14:29min   12/19/2014

This tutorial focuses on demonstrating the enumeration of valid accounts on web sites by leveraging time-based comparison code written by the video's author, John Poulin. We briefly describe the topic of username enumeration, demonstrate a couple of examples of trivial types of enumeration, and then launch into the heart of the tutorial.

We demonstrate vulnerable application code, a proof of concept tool for enumerating users via time-comparison, and discuss how this all works.

Rails - OWASP Top 10, A6 (Exposure)

Builder   13:15min   12/09/2014

This tutorial discusses Sensitive Data Exposure, listed as OWASP's A6 category, in Ruby on Rails applications, as well as its prevention. We demonstrate implementing encryption, hashing passwords using Bcrypt, preventing model attribute exposure, and filtering sensitive data in our logs.

Rails - OWASP Top 10, A5 (Misconfiguration)

Builder   7:16min   10/31/2014

This tutorial covers common security misconfigurations, listed as OWASP's A5 category, in Ruby on Rails applications, as well as their prevention. We demonstrate the use of tools to detect outdated software, basic configuration options, and more.

Rails - OWASP Top 10, A2 (Authentication)

Builder   16:06min   10/24/2014

This tutorial covers authentication weaknesses and is part 2 of a 2 part tutorial on OWASP's A2 category. We discuss and demonstrate password complexity weaknesses, username enumeration, brute-force authentication attacks, and insecure forgot password functions. Additionally, we provide preventive techniques for both custom authentication schemas in Rails as well as Devise.

Rails - OWASP Top 10, A4

Builder   8:15min   10/10/2014

In this tutorial, we cover Insecure Direct Object Reference (IDOR) weaknesses and how they manifest in Ruby on Rails. We demonstrate how the attack occurs and the core problem, and show preventive measures that can be taken. IDOR is listed as A4 on OWASP's Top 10.

Rails - OWASP Top 10, A2 (Sessions)

Builder   16:10min   10/03/2014

This tutorial covers session related weaknesses and is part 1 of a 2 part tutorial on OWASP's A2 category. We demonstrate session fixation weaknesses and provide the resolution, thoroughly explain the difference between client and server session store as well as how to change your configuration, and explain cookie flags and how to set them.

Grails - OWASP Top 10, A5

Builder   4:35min   09/26/2014

In this tutorial, we discuss the Security Misconfiguration section of OWASP's Top 10 (A5). We provide tools for monitoring your environment and some basic checks for security misconfiguration in Grails.

Rails - OWASP Top 10, A1

Builder   13:26min   09/19/2014

This tutorial explains common ways in which SQL Injection and Command Injection (A1) manifest within a Ruby on Rails application. We demonstrate both impact and remediation and provide helpful resources to learn more about dangerous methods and use cases in ActiveRecord.

Swift.nV Tutorial Part 1 - OWASP Mobile Top 10

Builder   9:19min   09/12/2014

In this tutorial, we demonstrate two of the OWASP Mobile Top 10 categories. Insecure Data Storage and Unintended Data Leakage. We show how these flaws manifest in a Swift application. Seth Law, the creator of nVisium's open source project Swift.nV, uses the vulnerable Swift.nV application to demonstrate and discuss common pitfalls.

Intro to Web Hacking Part 10 - XSS

Breaker   14:07min   09/05/2014

In this tutorial we cover Cross-Site Scripting (XSS) from manual and automated detection to exploitation and preventative measures.

Intro to Web Hacking Part 9 - Logic Flaws

Breaker   08:44min   08/30/2014

In this tutorial we demonstrate and discuss business and functional logic flaws. We discuss how to identify functionality that might be vulnerable as well as how to exploit it.

Intro to Web Hacking Part 8 - SQL Injection

Breaker   17:00min   08/22/2014

In this tutorial we demonstrate and discuss detection, exploitation, and prevention of SQL Injection. We show exactly what a SQL query looks like, how it works, how the vulnerable code is written, how to write parameterized queries, and how this issue can be taken advantage of to fully exploit an application.

Intro to Web Hacking Part 7 - Access Controls

Breaker   12:57min   08/15/2014

This video covers common access control weaknesses and how to assess these security controls as well as exploit them.

We explain and demonstrate:

Forceful Browsing
Parameter Based Controls
Non-UI Requests

and more....

Intro to Web Hacking Part 6 - Session Management Weaknesses

Breaker   16:46min   08/08/2014

This video covers common session management weaknesses and how to assess these security controls as well as exploit them. We explain and demonstrate:

Session Fixation
Cookie Flags
Session Termination Flaws
... and more!

Intro to Web Hacking Part 5 - Authentication Weaknesses

Breaker   14:32min   07/25/2014

This video discusses common authentication weaknesses and how to assess these security controls as well as exploit them. We explain and demonstrate:

Username Enumeration
Insecure Account Lockout Policies
Insecure Password Complexity Requirements
Testing Forgot Password Controls
Exploiting "Remember Me" Functions

Intro to Web Hacking Part 4 - Client Side Controls

Breaker   10:27min   07/18/2014

This video discusses client-side controls and how they play a part in vulnerability discovery and exploitation. We explain and demonstrate:

Hidden Form Fields
.NET ViewState
JavaScript Controls
Burp Suite's Target Analysis
Power of Inclusion and Exclusion of parameters

Intro to Web Hacking Part 3 - Mapping & Enumeration

Breaker   9:33min   07/11/2014

This is the third episode in our Intro to Web Hacking series. This tutorial covers basic techniques for mapping an application's attack surface. We discuss the purpose of performing mapping & enumeration and then demonstrate various tools and techniques. Some of the tools shown are:

Burp Suite's Intruder
Nmap
Google Hacking
Burp Suite's Spider

Grails - OWASP Top 10, A4

Builder   4:49min   07/03/2014

This video demonstrates common ways in which Insecure Direct Object Reference (A4/IDOR) manifests within a Grails application. We demonstrate remediating IDOR flaws within Grails. This tutorial is part of the Grails secure code collection.

Intro to Web Hacking Part 2 - HTML Basics

Breaker   14:16min   07/03/2014

This is the second video in our "Intro to Web Hacking" series. We cover fundamental aspects of the web that a viewer will need in order to be proficient at web hacking.

In this video we explain and demonstrate:

  • HTTP Proxies
  • JavaScript
  • CSS
  • HTML Forms and Elements
  • Encoding (Base64/URL)

Intro to Web Hacking Part 1 - HTTP Basics

Breaker   10:56min   06/29/2014

This tutorial is Part 1 of our "Introduction to Web Hacking" series and is intended for absolute beginners. In this tutorial, we discuss the basics of HTTP requests and responses, explain the Document Object Model (DOM), discuss the Same-Origin Policy, and cover the most popular HTTP response codes as well as HTTP request methods, or "verbs".

Grails - OWASP Top 10, A3

Builder   5:20min   06/24/2014

This video demonstrates common ways in which Cross-Site Scripting (A3/XSS) manifests within a Grails application. We demonstrate remediating XSS flaws within Grails. This tutorial is part of the Grails secure code collection.

Grails - OWASP Top 10, A1 & A2

Builder   9:04min   06/24/2014

This video demonstrates common Injection (A1) and Broken Authentication & Session Management (A2) flaws within a Grails application and shows remediating or mitigating these flaws. This tutorial is part of the Grails secure code collection.

xssValidator Tutorial

Breaker   12:27min   06/24/2014

John Poulin demonstrates leveraging nVisium's open source tool "xssValidator" using PhantomJS and SlimerJS with Burp Suite in order to detect and confirm XSS.

Basic Security Settings - Express.js

Builder   8:34min   06/17/2014

This tutorial covers basic security enhancements that can be set within an Express application to mitigate issues such as CSRF, insecure caching, and clickjacking. Additionally, we cover using the Helmet library within an Express application.

Auth (Node.js) - Passport.js + Sequelize.js

Builder   12:30min   06/15/2014

In this tutorial we show implementing Sequelize with Passport.js in a Node.js/Express.js application. The purpose of this tutorial is to show the basics of hashing a user's password, Sequelize validations & hooks, and basic access control.

Intro to Burp Extender (Python/Jython)

Breaker   13:24min   06/04/2014

In this episode, we show building two Burp extensions in Python. One plugin is a simple "hello world" style plugin with explanations. The second plugin creates an additional tab at the HTTP message view and renders a deobfuscated version of Django signed/client-side storage cookies.

Rails - OWASP Top 10, A3

Builder   12:45min   06/03/2014

This video demonstrates common ways in which Cross-Site Scripting (A3/XSS) manifests within a Ruby on Rails application. We demonstrate remediating XSS flaws within Ruby on Rails. This tutorial is part of the Rails secure code collection.

Intro To Burp

Breaker   12:24min   05/15/2014

This tutorial provides an introduction to configuring and using Burp Suite. We leverage a free version of Burp (1.6) in order to show basic options that a tester would want to incorporate into their efforts.

Intro to Burp Extender (Java)

Breaker   13:57min   05/15/2014

This video provides the basics of using Burp Suite's Extender functionality with Java.