CURRENT NEWS, INFO, & UPDATES
![]() | BETA LAUNCH! WisQuas is Now Online (FREE)
“You are only as strong as your weakest link. When you check a chain for weakness, do you only check one link? Why limit your Vulnerability Assessments and Penetration Testing efforts to a single or even handful of systems during an engagement when you can analyze the entire domain!” –9.2.2020 | |
![]() | This tool will crawl, analyze and enumerate a URL and all 3rd party links and dependent requests on the page (using different User-Agent strings). Results show the unique/anomalous responses received, useful for finding suspicious URLs and tracking down malicious payloads. UAAD uses Chrome Headless + Puppeteer to emulate a real browser with java-script support, in order to inspect actual rendered payloads. Results can also be exported as JSON output. –8.19.2020 | |
![]() | “In this write-up, we will provide an introduction to our WisQuas Engine, share some of LRL‘s recent discoveries, and take a quick look at causing an internal Information Disclosure (through overflowing the Apache web service), and using this disclosure to access an unprovisioned Shadow VHost (Virtual Host).” — 8.1.2020 |