Cisco ASA Remote Code Execution – Verifying CVE-2016-1287

As Cisco ASAs are widely used in the industry, we started to see this vulnerability come up in many penetration tests, but it was hard to verify beyond the fact that a scanner found this issue. The consulting team here at NetSPI, as well as our clients, wanted a more verbose verification that this vulnerability was present.

Learn More

Attacking JavaScript Web Service Proxies with Burp

This blog dives into JavaScript Web Service Proxies as an alternative to WSDL (Web Services Description Language) files for interacting with WCF Web Services.

Learn More