Tag Archives: PortSwigger

Is it possible to detect Zero Day vulnerabilities with Vulnerability Management solutions?

Hello everyone! In my English-language telegram chat avleonovchat, the question was asked: “How to find zero day vulnerabilities with Qualys?” Apparently this question can be expanded. Not just with Qualys, but with any VM solution in general. And is it even possible? There was an interesting discussion.

Alternative video link (for Russia): https://vk.com/video-149273431_456239109

Image generated by Stable Diffusion 2.1: “calendar on the wall cyber security vulnerability zero day”

The question is not so straightforward. To answer it, we need to define what a Zero Day vulnerability is. If we look at wikipedia, then historically “0” is the number of days a vendor has to fix a vulnerability.

“Eventually the term was applied to the vulnerabilities that allowed this hacking, and to the number of days that the vendor has had to fix them.”

Continue reading →

A few words about Gartner’s “Magic Quadrant for Application Security Testing” 2018

February and March are the hot months for marketing reports. I already wrote about IDC and Forrester reports about Vulnerability Management-related markets. And this Monday, March 19, Gartner released new “Magic Quadrant for Application Security Testing”. You can buy it on the official website for $ 1,995.00 USD or download it for free from the vendor’s sites. For example, Synopsys or Positive Technologies. Thank you, dear vendors, for this opportunity!

I’m not an expert in Application Security. I am more in Device Vulnerability Assessment (IDC term) or Vulnerability Management. However, these field are related. And well-known Vulnerability Management vendors often have products or functionality for Web Application scanning and Source Code analysis as well. Just see Qualys, Rapid7 and Positive Technologies at the picture!

Gartner AST MQ 2018

I have already mentioned in previous posts that grouping products in marketing niches is rather mysterious process for me. For example, Gartner AST niche is for SAST, DAST and IAST products:

SAST is for source code or binary analysis
DAST is basically a black box scanning of deployed applications. it can be also called WAS (Web Application Scanning)
IAST is a kind of analysis that requires agent in the test runtime environment. Imho, this thing is still a pretty exotic.

As you can see, these are very different areas. But, the market is the same – AST.

Continue reading →

Burp Suite Free Edition and NTLM authentication in ASP.net applications

2 Replies

As you know, Burp Suit is a scanner for advanced Web Application Security researchers. However, the free version of Burp is more like Firebug analogue, but much more functional.

Let’s see how to install it and use for website analysis. This analysis may be necessary to find vulnerabilities or somehow automate the work with the site. Let’s take, for example, ASP.net applications with NTLM-authorization, which is rather unpleasant to analyze.

Go to the site https://portswigger.net/burp/freedownload and download burp installer as a bash script:

Burp Suite Free Edition

Continue reading →

This is my personal blog. The opinions expressed here are my own and not of my employer. All product names, logos, and brands are property of their respective owners. All company, product and service names used here for identification purposes only. Use of these names, logos, and brands does not imply endorsement. You can freely use materials of this site, but it would be nice if you place a link on https://avleonov.com and send message about it at me@avleonov.com or contact me any other way.