Today, NCC Group alongside a number of security firms and technology organizations co-signed a statement by the Electronic Frontier Foundation in opposition to the use of Section 1201 of the Digital Millennium Copyright Act against security researchers performing research in good faith, including when using third-party security testing tools. We believe that the security of … Continue reading NCC Group co-signs the Electronic Frontier Foundation’s Statement on DMCA Use Against Security Researchers
Principal Mapper, or PMapper, is a tool and library for in-depth analysis with AWS Identity and Access Management, as well as AWS Organizations. PMapper stores data about AWS accounts and organizations, then provides options to query, visualize, and analyze that data. The library, written in Python, enables users to extend PMapper's functionality for other use-cases. … Continue reading Tool Release – Principal Mapper v1.1.0 Update
In this post we show how to import WStalker output into Burp Suite and the Logger++ extension to build a sitemap from a recorded session for use in Intruder and Repeater.
This article discusses the most common findings from a sample of over 35 security assessments of Salesforce customer deployments conducted by NCC Group. The assessments covered a mixture of configuration and code review based on our customers’ use of the Salesforce platform, not of Salesforce itself. The findings were sorted into broad categories, of which … Continue reading Common Insecure Practices with Configuring and Extending Salesforce
By Phillip Langlois and Edward Torkington Introduction In November 2019, we published a blog post covering an elevation-of-privilege vulnerability we found in Windows whilst conducting research into Windows Component Object Model (COM) services. During the course of this research, we discovered a number of vulnerabilities in several COM services that we reported to Microsoft. In … Continue reading CVE-2019-1381 and CVE-2020-0859 – How Misleading Documentation Led to a Broken Patch for a Windows Arbitrary File Disclosure Vulnerability
Welcome to the new NCC Group Global Research blog. Here we will share blog posts on a range of technical topics that our consultants are thinking about, and on NCC Group's research projects, papers, presentations, and tools from around the globe.
This article is part of a series of blog posts. We recommend that you start at the beginning. Alternatively, scroll to the bottom of this article to navigate through the whole series. We're releasing a gdb plugin for analysing ptmalloc2. This plugin is essentially a fork from an older version of cloudburst's libheap , but with … Continue reading Cisco ASA series part five: libptmalloc gdb plugin
This research was originally performed by researchers from iSec Partners (now NCC Group), and has been migrated to research.nccgroup.com for posterity, and can be downloaded below. Recognizing and Preventing TOCTOU Whitepaper 03 Mar 2015 - Christopher Hacking Time-Of-Check-to-Time-Of-Use (TOCTOU) vulnerabilities have been known for decades, but are still frequently discovered in modern code. This diverse … Continue reading Whitepaper: Recognizing and Preventing TOCTOU
This research was originally performed by researchers from iSec Partners (now NCC Group), and has been migrated to research.nccgroup.com for posterity, and can be downloaded below. Black Hat 2013 - Femtocell Presentation Slides, Videos and App 19 Aug 2013 - Tom Ritter We’re back from Las Vegas, rested, and finally ready to release the slides, videos, and our … Continue reading Black Hat 2013 – Femtocell Presentation Slides, Videos and App
SSLyze v0.7 Released 14 Aug 2013 - Alban Diquet A new version of SSLyze is now available. SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. Changelog Complete rewrite of the OpenSSL wrapper as a C extensionSSLyze is now statically linked with the latest version of OpenSSL instead of … Continue reading SSLyze v0.7 Released