Like any normal web application, Sharepoint may fall prey to OWASP Top 10 vulnerabilities with a special focus on XSS, mostly due to inadequate patching and misconfiguration. On this post, we focus on recon / what sharepoint is exposing. Google Dorks FTW!: Some google dorks to help you find sharepoint installations exposed to the webContinue reading “Penetration testing Sharepoint”
Tag Archives: Application Security
Do you know what your ERP is telling us?
Interesting engagement I had a few weeks ago, a client wanted assurance on their ERP – Oracle E-Business suite, to be specific. I spent a few weeks just to formulate an efficient strategy and be able to cover most controls from an insider threat perspective and an external authenticated attacker angle. For this post, IContinue reading “Do you know what your ERP is telling us?”
Alfie Njeru 