Scanning the Alexa Top 1M for .DS_Store files

Some readers may remember our Analysis of .git folders in the Alexa Top 1M. WIth our tools we were able to discover and retrieve (hidden) directories and files (even without directory listing). We developed a similar approach of uncovering hidden files again, but this time with the help of .DS_Store files. In this blogpost we will share the methodology, the resulting security implications as well as our results from scanning the Alexa Top 1M and how we could have obtained sensitive files from several websites.

Certificate Transparency as a source for subdomains

We have been quite busy this year, but we would like to release a small project nonetheless: Curating a list of subdomains based on certificate transparency logs that we’ll happily share with the community and publish new results every hour.

Going to Troopers 2016

Sebastian attended Troopers, an IT Security event in Heidelberg (Germany) organized by ERNW GmbH from the 14th to 18th of March 2016. He wants to share his experiences in this blogpost.

Internetwache CTF 2016 review

Penultimate weekend, we hosted our very first jeopardy style capture the flag event: The Internetwache CTF 2016

In this blogpost, we will write about the CTF from the organizer’s perspective. What was the setup? What went wrong? What did we learn? What was good? What can we do better next year? We hope that this insight can help other CTF organizers in the future.

Going to the Security Analyst Summit #TheSAS2016

Recently Tim was invited to visit the Security Analyst Summit of Kaspersky Labs (#TheSAS2016) which took place on Tenerife (Canary Islands) in february this year. In this post he shares his experience and wants to give a short overview of interesting topics (for the security research community).

TL;DR: #TheSAS2016 was a great experience and Tim learned a lot, because every day was filled with adventures or learning and seeing new things! The location was very nice, the atmosphere was amazing, the people were friendly - all in all everything was excellent!

CVE-2016-1926 - XSS in the Greenbone Security Assistant

Recently Tim has been working with the software framework “OpenVAS” (“Open Vulnerability Assessment System”). This software is open source so we spent some evenings looking for bugs in the webfrontend, the Greenbone Security Assistant. After some time Sebastian found two bugs and we were able to submit those - they are fixed now.