Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Tag Archives: UAtester

UAtester now in Backtrack 5!

Just a quick one to say that those interested in testing out the UAtester script can find the latest version in the newly released Backtrack 5. It’s a real honor to get UAtester accepted to a distribution like Backtrack, so I hope you guys enjoy and make use of it!

Menu Location ::

Backtrack | Information Gathering | Web Application Analysis | IDS IPS Identification

Links:

Advertisements

Shodan HTTP Header Survey

After a few months of back and forth, the first stage of our HTTP Header research is now live on the Shodan website.

A survey of Alexa’s top 10,000 websites on the Internet was conducted to measure the usage of security-related HTTP headers, mobile awareness and potential information leakage.

The HTTP Header Survey includes analysis of the top 10,000 websites using techniques I initially discussed with the UA-Tester tool. By gathering information on the top 10,000 websites we can begin to examine the different responses and usage of HTTP headers, including those specifically designed to assist in securing sites and browsers from attack.

The initial report covers some of the findings from this research, including the usage of security related headers, such as .:

  • X-XSS-Protection
  • X-Frame-Options
  • Access-Control-Allow-Origin
  • Strict-Transport-Security (where possible)

Click to view the complete survey

We also touch on some of the more interesting responses from servers that expose information regarding the background infrastructure, server types and software versions in use.

The data we’ve gathered still has a lot of secrets to give, but analysis takes time, and we wanted to get this first stage out in the public eye for comments and feedback. We also wanted to provide a direct link to the data we’ve collected to allow you to do your own analysis should you wish.

We hope you find the information useful.

Links:

UA-Tester 1.0 released: Now with 38% more pimp!

After a few months of playing around with the UA-Tester Alpha release, I’ve finally got the code to a point where I’m happy enough to do a 1.0 release… UA-Tester 1.0, codename Purple Pimp!

Changes since the alpha are far too many to list. However the new version does complete header matching, including some funky stuff like tracking cookie setting changes between user-agent strings (where HTTPonly or Secure might be set for 1 user-agent string, but not for another).

You can find a download link for the UA-Tester Python script, and a PDF of my BruCON lightening talk in the Tools/Scripts section above, or through the links below.

Feedback is always gratefully received…

LINKS: