Raiders of the Lost ARP

Amateur Security Archaeologists, trying not to break things.

Category: Offensive Techniques (Page 5 of 6)

Don’t worry, AppDev can Threat Model like a champ!

November 2, 2023 /
A bunch of WASPs trying to penetrate a laptop's screen because they are after the web application
What some call a penetration test, others call a bug scrub…

If you are landing here after reading earlier posts, you might be thinking “this is great, but what I REALLY need is to avoid being the next <insert bad breach company here>. Well, our friends at OWASP (Open Web Application Security Project) are an organization that focuses on improving the security of software. Like any good David Letterman fan, they are famous for their Top 10 list of web application threats, and have followed that up with an API version! Threat modeling for software applications are essential not only to the end customers, but with the sheer complexity of today’s typical environments, the legal ramifications of a breach or attack can spell disaster for the hosting company, the software vendor, business partners, ecosystem partners, and the end users alike. It should be no surprise then that OWASP has its own approach to application threat modeling.

Continue reading

Ally with attack trees to threat model more effectively

October 31, 2023 /

To be clear, I don’t want you to raze the Amazon Rainforest here. What I am referring to for this blog post is another visualization technique. Where as DFDs focused on understanding the flow of information through your systems, Attack Trees are another graphical representation to uncover how an attacker might exploit weaknesses in a system to achieve specific malicious objectives.

Weird tree-borne monster getting ready to attack something.
Larry in accounting is tired of being scapegoated as the #1 most common threat vector
Continue reading

Scanning for Vulnerabilities with Arachni

August 10, 2018 /

Web application vulnerability scanners are big business. A quick search of alternatives will show you that there are literally hundreds of open source and commercial scanners, and all of them offer varying coverage of the vuln space as well as functions that extend into different phases of the Pen Test Kill Chain. As is the case with any trend in security, this explosion in the market is a symptom of something else entirely – web applications are by their very nature easy to access and popular for hackers to exploit. The payoff for a successful breach or compromise is massive.

Continue reading

Roll Your Own Kill Chain

July 2, 2018 /

When we conduct penetration tests, we are trying to mimic the actions an actual intruder or attacker would use to gain illicit access or otherwise compromise target systems. Knowing how they attack influences how we plan our penetration test. Most pen testers mimic some version of the Cyber Kill Chain discussed in a previous post. When Jason and I sought to write the Raspberry Pi pentesting update, we took some liberty with the Kill Chain.  We crafted a version to suit our needs for penetration testing. We did our best to show how different tools we used to get our Raspberry Pi through the entire operation:

Continue reading

BYOT (Bring Your Own Target)

June 29, 2018 /

Sorry readers – pen testing is far from a prescriptive field. A good deal of fun can be had, but there is an element of choose your own adventure here that means you’re going to have to continually adjust your plans and ensure you are meeting your needs, be they training or job specific. One of the most awesome aspects of the field is how many tools are published that can help you out! The hacking community is pretty collaborative, so there have been a plethora of tools out there for many years that evolve, receive updates, and see some pretty vibrant extensions and support.

Continue reading

« Older posts Newer posts »

© 2025 Raiders of the Lost ARP

Theme by Anders NorenUp ↑

Verified by MonsterInsights