Project Ava: On the Matter of Using Machine Learning for Web Application Security Testing – Part 8: Development of Prototype #4 – Building on Takaesu’s Approach with Focus on XSS

Following on from last week’s blog, the eighth instalment in the Project Ava series revisits the theory and approaches of security engineer and researcher, Isao Takaesu, with a focus on XSS. Overview In Part 3 of this blog series, one of the existing approaches by others that we found from literature reviews was that of …

Project Ava: On the Matter of Using Machine Learning for Web Application Security Testing – Part 7: Development of Prototype #3 – Adventures in Anomaly Detection

In last week’s blog, our research team set out the process of creating a SQLi proof of concept. Overview In our previous prototypes we focused on text processing (vectorizing, word2vect, neural networks, etc.). We recognized that despite some signs of potential, the overall approach is difficult because: It’s not the way the human brain works …

Project Ava: On the Matter of Using Machine Learning for Web Application Security Testing – Part 6: Development of Prototype #2 – Creating a SQLi PoC

Following on from the team’s first prototype, which explored text processing and semantic relationships, the sixth blog in the Project Ava series moves on to creating a SQLi proof of concept… Overview Building on our initial work with word vectorisation and support-vector machines (SVMs), we set out to create a Proof of Concept (PoC) system …

Project Ava: On the Matter of Using Machine Learning for Web Application Security Testing – Part 5: Development of Prototype #1 – Text Processing and Semantic Relationships

In the fifth blog of the Project Ava series, our research team start to delve into the fun stuff – creating prototypes for applying machine learning to pentesting. Find out how the team got on with their first prototype below. Overview Having understood existing solutions and architected a system for collection of the data necessary …

Project Ava: On the Matter of Using Machine Learning for Web Application Security Testing – Part 4: Architecture and Design

Building on from previous research and approaches to using machine learning for pentesting scenarios, this week our research team moves onto the architecture and design of the Project Ava ‘system’. Read on to find out about the architectures tested and the team’s conclusions. Overview Unsurprisingly, machine learning requires data – lots of data, and that …

Project Ava: On the Matter of Using Machine Learning for Web Application Security Testing – Part 3: Understanding Existing Approaches and Attempts

Last week, our research team explored the capabilities of IBM’s Natural Language Processing (NLP) tool and how we might be able to apply it to social engineering or phishing campaigns. In this phase of the research, the team talk us through the existing approaches and attempts to harness machine learning for pentesting scenarios. Overview The …

Project Ava: On the Matter of Using Machine Learning for Web Application Security Testing – Part 2: Going off on a Tangent – AI/ML Applications in Social Engineering

This is the second blog in the Project Ava series – the first set out the aims of the research and the tools that our research team experimented with to facilitate their work. In this blog, the team explore an interesting tangent as they play with the capabilities of IBM’s Natural Language Processing tool. Read …

Project Ava: On the Matter of Using Machine Learning for Web Application Security Testing – Part 1: Understanding the Basics and What Platforms and Frameworks Are Available

In our latest blog series, our research team give an overview of Project Ava – a 400-day exploration of whether machine learning could ever be used to complement current pentesting capabilities. In this blog, the team set out the aims of the project and experiment with the platforms and frameworks available to facilitate this research. …

Finding and Exploiting .NET Remoting over HTTP using Deserialisation

Introduction During a recent security assessment at NCC Group I found a .NET v2.0 application that used .NET Remoting to communicate with its server over HTTP by sending SOAP requests. After decompiling the application I realised that the server had set the TypeFilterLevel to Full which is dangerous as it can potentially lead to remote code execution using deserialisation …

Turla PNG Dropper is back

This is a short blog post on the PNG Dropper malware that has been developed and used by the Turla Group [1]. The PNG Dropper was first discovered back in August 2017 by Carbon Black researchers. Back in 2017 it was being used to distribute Snake, but recently NCC Group researchers have uncovered samples with …