NCC Group Research Home

  • Tool Release – Collaborator++

    January 28, 2020 by

    When testing for out-of-band vulnerabilities, Collaborator has been an invaluable tool since its initial release in 2015. By acting as a HTTP, DNS and SMTP server, Collaborator allows researchers to identify complex out-of-band interactions between target applications and external services aiding in the discovery of vulnerabilities such as server-side request forgery (SSRF), XML external entity… Read more

  • Tool Release – Enumerating Docker Registries with go-pillage-registries

    January 24, 2020 by

    Containerization solutions are becoming increasingly common throughout the industry due to their vast applications in logically separating and packaging processes to run consistently across environments. Docker represents these processes as images by packaging a base filesystem and initialization instructions for the runtime environment. Developers can use common base images and instruct Docker to execute a… Read more

  • Conference Talks – January 2020

    January 2, 2020 by

    This month, in addition to the several dozen technical talks and trainings our researchers will offer at our internal conferences, NCC CON US and NCC CON Europe, two NCC Group researchers will also be presenting work publicly: Clint Gibler, “DevSecOps State of the Union v2.0,” presented at AppSec Cali (Santa Monica, CA – January 22-24… Read more

  • Passive Decryption of Ethereum Peer-to-Peer Traffic

    December 20, 2019 by

    Ethereum, a popular cryptocurrency, utilizes a P2P flood network overlay
    protocol in order to propagate new transactions and state around the network. As has been shown in previous works[^1][^2], observing the propagation of transactions through the peer-to-peer network layer is often enough to deanonymize users of cryptocurrency networks…. Read More

  • On Linux's Random Number Generation

    December 19, 2019 by

    I have been asked about the usefulness of security monitoring of entropy levels in the Linux kernel. This calls for some explanation of how random generation works in Linux systems. So, randomness and the Linux kernel. This is an area where there is longstanding confusion, notably among some Linux kernel developers, including Linus Torvalds himself.… Read more

  • Demystifying AWS' AssumeRole and sts:ExternalId

    December 18, 2019 by

    Amazon Web Services’ AssumeRole operation accepts an optional parameter called “sts:ExternalId” which is intended to mitigate certain types of attacks. However, both the attacks that sts:ExternalId mitigates and how to properly use it are widely misunderstood, resulting in large numbers of vulnerable AWS-based applications. This post aims to describe what std:ExternalId does, when to use… Read more

  • Welcome to the new NCC Group Global Research blog

    December 18, 2019 by

    Welcome to the new NCC Group Global Research blog. Here we will share blog posts on a range of technical topics that our consultants are thinking about, and on NCC Group’s research projects, papers, presentations, and tools from around the globe. 

View all posts