Detect Outbound Side Effects in Applications
Alexandru Puiu
December 04, 2019

Sometimes, when testing an application, we cannot observe data leakage or all side effects directly in the application's response. In certain situations, an attacker can cause the server-side application, or a secondary component in the backend, to make outbound calls. These attacks are useful for discovering the structure of the backend application and the number of servers and data centers used, as well as for leaking data server-side from the application. Attacks could also queue up a payload that our server might execute as part of a deferred processing job. Detecting these is crucial for the security of our app.

https://support.smartbear.com/collaborator/docs/server/install/steps.html

https://portswigger.net/burp/documentation/desktop/tools/collaborator-client
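
One way to catch such outbound calls from the defender's side, as an added example that is not from the original post: compare each backend component's egress log entries against a per-component allowlist. The log format, component names, hosts and allowlist below are all constructed assumptions.

```python
"""Flag outbound connections from backend components to hosts not on their allowlist."""
from collections import defaultdict

# Constructed egress-proxy log lines: "<ISO time> <component> <dest host> <port>"
SAMPLE_LOG = """\
2019-12-04T10:00:01Z web-api api.payments.example 443
2019-12-04T10:00:02Z web-api x7f3a.oob-listener.test 80
2019-12-04T10:00:05Z pdf-renderer storage.internal.example 443
2019-12-04T10:00:09Z web-api notpayments.example 443
2019-12-04T03:15:00Z nightly-job x7f3a.oob-listener.test 53
this line is malformed
"""

# Assumed per-component allowlist; an entry covers the host and its subdomains.
ALLOWLIST = {
    "web-api": {"payments.example"},
    "pdf-renderer": {"storage.internal.example"},
    "nightly-job": set(),  # deferred jobs are expected to make no outbound calls
}

def host_allowed(host, allowed):
    """Exact or dot-boundary suffix match, so 'notpayments.example' != 'payments.example'."""
    host = host.lower().rstrip(".")
    return any(host == a or host.endswith("." + a) for a in allowed)

def find_unexpected_egress(log_text, allowlist):
    """Return (findings, skipped): findings maps component -> list of (time, host, port)."""
    findings, skipped = defaultdict(list), []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            skipped.append(line)  # keep unparseable lines for review, do not drop silently
            continue
        when, component, host, port = parts
        # Unknown components get an empty allowlist, so everything they send is flagged.
        if not host_allowed(host, allowlist.get(component, set())):
            findings[component].append((when, host, int(port)))
    return dict(findings), skipped

if __name__ == "__main__":
    findings, skipped = find_unexpected_egress(SAMPLE_LOG, ALLOWLIST)
    for component, hits in findings.items():
        for when, host, port in hits:
            print(f"UNEXPECTED {component} -> {host}:{port} at {when}")
    print(f"{len(skipped)} unparseable line(s)")
```

The `nightly-job` entry shows why deferred processing needs the same coverage as request handlers: the call happens long after the request that queued it.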

