Security Penetration Testing Blog

Enable HSTS
Apr 03, 2021 / Borislav Kiprin

The web server does not send an HTTP Strict Transport Security (HSTS) header. HSTS instructs browsers to reach the domain only over HTTPS for the period given in its max-age directive, which prevents downgrade (SSL-stripping) attacks that would move the user to an insecure HTTP connection.

Enable Missing SSL CAA Record
/ Borislav Kiprin

The domain's DNS zone does not specify any Certification Authority Authorization (CAA) record. Without one, every certificate authority (CA) is allowed to issue certificates for this domain; a CAA record restricts issuance to the CAs you name.
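As an added example (not part of the original post), the following Python code parses a CAA record set and decides, following the RFC 8659 rules, whether a given CA is allowed to issue. The record set, the CA names and the tag `futuretag` are constructed for illustration; an empty set returning `True` is exactly the finding described above.

```python
# Added example (not from the original post): parse CAA rdata and decide
# whether a given CA may issue for the domain, per RFC 8659.
import re

# Matches the rdata of a CAA record, e.g.   0 issue "letsencrypt.org"
# (in a zone file the full line would read:  example.com. IN CAA 0 issue "letsencrypt.org")
CAA_RDATA = re.compile(r'^(?P<flags>\d+)\s+(?P<tag>[A-Za-z0-9]+)\s+"(?P<value>[^"]*)"$')
KNOWN_TAGS = {"issue", "issuewild", "iodef"}
CRITICAL = 128  # issuer-critical flag bit


def parse_caa(rdata):
    m = CAA_RDATA.match(rdata.strip())
    if not m:
        raise ValueError(f"not a CAA record: {rdata!r}")
    return {"flags": int(m["flags"]), "tag": m["tag"].lower(), "value": m["value"].strip()}


def may_issue(rdatas, ca_domain, wildcard=False):
    """True if ca_domain may issue a certificate given this CAA record set.
    An empty set means every CA may issue (the finding in the post above)."""
    records = [parse_caa(r) for r in rdatas]
    if not records:
        return True
    # A critical property the CA does not understand forbids issuance outright.
    if any(r["flags"] & CRITICAL and r["tag"] not in KNOWN_TAGS for r in records):
        return False
    # issuewild governs wildcard requests; if absent, the issue records apply.
    relevant = [r for r in records if r["tag"] == "issuewild"] if wildcard else []
    if not relevant:
        relevant = [r for r in records if r["tag"] == "issue"]
    if not relevant:
        return True  # only iodef or unknown non-critical properties: no restriction
    for r in relevant:
        issuer = r["value"].split(";", 1)[0].strip().lower()  # drop "; key=value" parameters
        if issuer == ca_domain.lower():
            return True
    return False  # also covers the explicit deny form:  0 issue ";"


# Constructed sample RRset for a zone that only allows Let's Encrypt and forbids wildcards.
ZONE_EXAMPLE = [
    '0 issue "letsencrypt.org"',
    '0 issuewild ";"',
    '0 iodef "mailto:security@example.com"',
]
```

Publish the `issue` records for the CAs you actually use and an `iodef` contact so a CA that refuses a request can report it; remember that CAA is looked up along the parent chain, so a record on `example.com` also covers `www.example.com` unless that name has its own.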

Enable Secure Cookies
/ Borislav Kiprin

Cookies that are not marked Secure are also sent over unencrypted HTTP connections. A man-in-the-middle attacker can read the contents of these cookies, including session identifiers.
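As an added example covering both the HSTS entry and the cookie entry above (not code from the original posts), this Python audit walks a server's response headers and reports a missing or weak Strict-Transport-Security policy and cookies set without Secure, HttpOnly or SameSite. The response headers are constructed, not captured from a real server, and the one-year minimum max-age is an assumed policy threshold.

```python
# Added example (not from the original posts): audit HTTP response headers for
# a missing/weak HSTS policy and for cookies set without the Secure flag.
MIN_HSTS_AGE = 31536000  # one year; assumed policy threshold for this check


def check_hsts(value, min_age=MIN_HSTS_AGE):
    """Findings for a Strict-Transport-Security header value (None = header absent)."""
    if value is None:
        return ["Strict-Transport-Security header missing"]
    directives = {}
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        if name:
            directives[name.lower()] = arg.strip().strip('"')
    findings = []
    age = directives.get("max-age", "")
    if not age.isdigit():
        findings.append("max-age missing or not a number")
    elif int(age) < min_age:
        findings.append(f"max-age={age} is below {min_age}")
    if "includesubdomains" not in directives:
        findings.append("includeSubDomains not set")
    return findings


def check_set_cookie(value):
    """Findings for one Set-Cookie header value."""
    name_value, *attrs = [p.strip() for p in value.split(";")]
    name = name_value.split("=", 1)[0]
    present = {a.split("=", 1)[0].lower() for a in attrs}
    findings = []
    if "secure" not in present:
        findings.append(f"cookie {name}: Secure flag missing")
    if "httponly" not in present:
        findings.append(f"cookie {name}: HttpOnly flag missing")
    if "samesite" not in present:
        findings.append(f"cookie {name}: SameSite attribute missing")
    return findings


def audit_headers(headers):
    """headers: list of (name, value) pairs exactly as the server sent them."""
    findings = []
    hsts = [v for n, v in headers if n.lower() == "strict-transport-security"]
    findings += check_hsts(hsts[0] if hsts else None)
    for n, v in headers:
        if n.lower() == "set-cookie":
            findings += check_set_cookie(v)
    return findings


# Constructed sample response (not captured from a real server).
SAMPLE_HEADERS = [
    ("Strict-Transport-Security", "max-age=300"),
    ("Set-Cookie", "sessionid=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "theme=dark; Path=/; Secure; HttpOnly; SameSite=Lax"),
]
```

Run `audit_headers` against the headers of an HTTPS response, not an HTTP one: browsers ignore a Strict-Transport-Security header received over plain HTTP, so the first visit is only protected if the domain is on the browser preload list.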

Secure TLS Configuration
/ Borislav Kiprin

Correctly configured TLS ensures that your users receive content from your web application that has not been tampered with and cannot be eavesdropped on in transit. Learn here how you can secure your TLS configuration.

Renew TLS Certificates
/ Borislav Kiprin

The domain's certificate has expired or will expire soon. An expired certificate results in browser error messages for the web application's users.
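As an added example (not from the original post), the Python code below computes how many days remain on a certificate from the `notAfter` field in the dictionary that `SSLSocket.getpeercert()` returns, and classifies the result against a renewal warning window. The certificate dictionary is constructed; the 14-day warning threshold and the `fetch_peer_cert` helper (which needs network access and is not exercised offline) are assumptions.

```python
# Added example (not from the original post): certificate expiry check built on
# the getpeercert() dictionary format of Python's ssl module.
import socket
import ssl
import time

WARN_DAYS = 14  # assumed renewal window


def days_until_expiry(cert, now=None):
    """cert: dict as returned by SSLSocket.getpeercert(); negative means expired."""
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])  # parses 'Jun  1 12:00:00 2021 GMT'
    now = time.time() if now is None else now
    return (not_after - now) / 86400


def renewal_status(cert, now=None, warn_days=WARN_DAYS):
    days = days_until_expiry(cert, now)
    if days < 0:
        return "expired"
    if days < warn_days:
        return "renew now"
    return "ok"


def fetch_peer_cert(host, port=443, timeout=5):
    """Live lookup (not run offline): TLS handshake with hostname verification."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


# Constructed sample, shaped like getpeercert() output (not a real certificate).
SAMPLE_CERT = {
    "subject": ((("commonName", "www.example.com"),),),
    "notBefore": "Mar  3 00:00:00 2021 GMT",
    "notAfter": "Jun  1 12:00:00 2021 GMT",
}
```

Note that `fetch_peer_cert` raises `ssl.SSLCertVerificationError` for an already expired certificate because `create_default_context()` verifies the chain; catch that exception if you want the monitor to report "expired" instead of crashing.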

Prevent SSL LUCKY13
/ Borislav Kiprin

LUCKY13 is a timing attack against TLS implementations that use ciphers in cipher block chaining (CBC) mode. It affects TLS 1.1 and 1.2 as well as certain configurations of earlier protocol versions.

Prevent SSL CRIME
/ Borislav Kiprin

The CRIME (Compression Ratio Info-leak Made Easy) attack exploits TLS-level compression. An attacker who can observe the size of compressed HTTPS or SPDY requests can recover secret cookies byte by byte, which leaves cookie data vulnerable to session hijacking.

Prevent SSL BREACH
/ Borislav Kiprin

A server vulnerable to BREACH (Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext) lets an attacker recover secrets embedded in HTTP-compressed response bodies, such as CSRF or session tokens. Learn here how you can prevent SSL BREACH.
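As an added example (not from the original post), the Python code below shows why BREACH works and one of the standard mitigations. `render` builds a page that embeds a secret token and echoes an attacker-chosen string; when the guess matches a prefix of the token, DEFLATE finds a longer back-reference and the compressed body shrinks, which is the oracle BREACH measures. `mask_token` applies the per-response XOR masking used by frameworks such as Django for the CSRF token, so the bytes on the wire differ on every response and a guess can never converge. The page template and the token are constructed for illustration.

```python
# Added example (not from the original post): the compression size oracle behind
# BREACH, and per-response token masking as a mitigation.
import base64
import secrets
import zlib

CSRF_TOKEN = b"4f9c1e7a2b8d6e0f13579bdf2468ace0"  # constructed sample secret


def render(token, reflected):
    """A page that embeds the secret and echoes an attacker-controlled string."""
    return (b"<html><body><form><input type=hidden name=csrf value='" + token +
            b"'></form><p>You searched for: " + reflected + b"</p></body></html>")


def compressed_size(body):
    return len(zlib.compress(body))  # stands in for Content-Encoding: gzip


def leak_demo(token=CSRF_TOKEN):
    """Return (size with a correct 16-byte prefix guess, size with a wrong guess).
    The correct guess compresses smaller: that difference is what BREACH exploits."""
    right = b"csrf value='" + token[:16]
    wrong = b"csrf value='" + b"ZmQ7wK2vLq8Pn0Xy"  # constructed non-matching guess
    return compressed_size(render(token, right)), compressed_size(render(token, wrong))


def mask_token(secret):
    """XOR the secret with a fresh random pad and emit pad||masked. The wire
    bytes change on every response, so there is no stable prefix to guess."""
    pad = secrets.token_bytes(len(secret))
    masked = bytes(p ^ s for p, s in zip(pad, secret))
    return base64.urlsafe_b64encode(pad + masked).decode()


def unmask_token(value):
    raw = base64.urlsafe_b64decode(value)
    half = len(raw) // 2
    pad, masked = raw[:half], raw[half:]
    return bytes(p ^ m for p, m in zip(pad, masked))
```

Masking protects only the token you mask; the simplest complete fix is to disable HTTP compression for responses that carry secrets, and never to reflect user input into the same compressed response as a secret.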

Enable TLS Encryption
/ Borislav Kiprin

There is no SSL/TLS encryption enabled on your server: all traffic to your web application travels over unencrypted channels. This leaves your users vulnerable to man-in-the-middle attacks, both eavesdropping and tampering.

Enable Perfect Forward Secrecy
/ Borislav Kiprin

The server configuration does not offer Perfect Forward Secrecy (PFS). Without PFS, a single compromise of the server's private key lets an attacker decrypt recordings of all previous connections; with ephemeral (EC)DHE key exchange, each session key is independent of the long-term key.
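As an added example (not from the original posts), the Python code below builds a hardened server `SSLContext` that addresses the TLS configuration, LUCKY13, CRIME and Perfect Forward Secrecy entries on this page in one place: TLS 1.2 as the floor, TLS-level compression disabled, and only AEAD suites with ephemeral ECDH key exchange. `audit_cipher_names` then checks a list of OpenSSL cipher names for the same properties, so you can run it over the output of `openssl ciphers` or a scanner. The weak cipher list in the test is constructed.

```python
# Added example (not from the original posts): a hardened TLS server context
# plus a name-based audit of cipher suites for CBC and non-PFS key exchange.
import ssl

WEAK_MARKERS = ("RC4", "3DES", "DES-CBC", "NULL", "EXPORT", "MD5")
AEAD_MARKERS = ("GCM", "CHACHA20", "CCM")
NOT_AEAD = "not an AEAD suite (CBC or stream cipher; Lucky13-class timing attacks)"
NO_PFS = "static key exchange, no forward secrecy"
WEAK = "weak/legacy algorithm"


def hardened_server_context(certfile=None, keyfile=None):
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2        # no SSLv3/TLS 1.0/TLS 1.1
    ctx.options |= ssl.OP_NO_COMPRESSION                # CRIME: never compress at the TLS layer
    ctx.options |= ssl.OP_CIPHER_SERVER_PREFERENCE      # server picks from its ordered list
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")      # AEAD only, ephemeral ECDH only (PFS)
    if certfile:
        ctx.load_cert_chain(certfile, keyfile)
    return ctx


def context_cipher_names(ctx):
    """OpenSSL names of the suites the context will negotiate (TLS 1.3 suites included)."""
    return [c["name"] for c in ctx.get_ciphers()]


def audit_cipher_names(names):
    """Return (name, reason) findings for OpenSSL-style cipher suite names."""
    findings = []
    for name in names:
        if name.startswith("TLS_"):  # TLS 1.3 suites: always AEAD, always (EC)DHE
            continue
        if any(m in name for m in WEAK_MARKERS):
            findings.append((name, WEAK))
        if not any(m in name for m in AEAD_MARKERS):
            findings.append((name, NOT_AEAD))
        if not name.startswith(("ECDHE-", "DHE-")):
            findings.append((name, NO_PFS))
    return findings


# Constructed list of suites a weak server might offer (not scanner output).
LEGACY_SUITES = [
    "AES128-SHA",                   # CBC, RSA key exchange
    "ECDHE-RSA-AES256-SHA384",      # PFS, but CBC
    "DHE-RSA-AES256-GCM-SHA384",    # fine: AEAD with ephemeral DH
    "ECDHE-RSA-AES128-GCM-SHA256",  # fine
]
```

The string `ECDHE+AESGCM:ECDHE+CHACHA20` is plain OpenSSL cipher-list syntax, so the same policy can be pasted into nginx's `ssl_ciphers` or Apache's `SSLCipherSuite`; note that TLS 1.3 suites are configured separately and are AEAD with ephemeral key exchange by definition.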