Which web vulnerabilities should I test for when pentesting a static site?

I have a static-page website that I need to pentest. What I mean by this is that the site does not have a database, and it has no area to submit user input except to a third-party payment service that is managed entirely by them.

I have actually done web app pentesting before and found vulnerabilities such as XSS, CSRF, IDOR, and DoS. However, these were web apps where content was being reflected back to the page, and a user was “logged in.”

Off the top of my head, I can think of:

  1. Exposed/improperly protected admin panels
  2. Directory traversal
  3. Weak admin credentials on the host accounts/admin controls

Aside from those issues, I am having a difficult time coming up with other vulnerabilities to look for on a static site where user input is not collected or reflected, there is no notion of an “account”, etc. The site does use PHP 7 on Apache, but the site is rather basic compared to many of the modern “web app” sites which utilize OAuth, social media login, reflect content back to the page, and so on.

Note: I did see “Which security measures make sense for a static web site?” but that post is more from a “blue team” standpoint, whereas I am asking for pentesting advice, not advice for how to secure the site.

test proxies for google recaptcha

How can I do that within GSA-SER when importing proxies I can check it for Recaptcha, there is no option, the closest thing is Custom but I don’t know how to configure it.
What I do not understand as in GSA proxy if there is an option to search for them, but there is no option to extract them independently. I know that they are anonymous and that they are SSL, but there is no clear option to export only those types of captchas.
And that is the big problem I have. With Capmonster that works really well I see when IP block the proxies that take the captchas. I am not against hiring more proxies but I want to get the most out of GSA Proxy, which does.
I always go through a copy of GSA-SER to check speed and save it. But I don’t know how to do in GSA SER to check them only for google recaptcha. If there is any way to do it please tell me.

The big problem is that the same proxies that are useful for google don’t work for google recaptcha, and recaptcha bans my proxies and there is no way to get more records on pages. Almost all pages have Recaptcha and when you hit on so many pages, it is easy for them to ban you. When you are creating a T1 with contextual and Articles, they are the captchas that appear the most. I can find the sites, I can do everything but if Recaptcha recognizes my proxy as banned, it doesn’t give me the image, and the service can’t recognize it. The truth is that Capmonster gives a lot of information about what is happening, and you can add proxies through the archive every X seconds, but of course, I have to filter before, that’s where my query comes from.

Is there any official documentation on the AdSense data-adtest="on" parameter to test locally?

On many places over the internet you can find people suggesting the data-adtest="on" parameter to test ads on your local environment.

    <ins className="adsbygoogle"
      style={{display:"inline-block", width:"360px", height:"180px"}}
      data-ad-client="XXXXX"
      data-ad-slot="XXXXX"
      data-adtest="on"         // <-----------------------------
    >
    </ins>

I could make it work with trial and error. Some sites even suggest that the proper name is data-ad-test.

But is there an official documentation about this?

If there is, I still haven’t found it.

Approach for algorithm to find closest 3-D object in a list of many similar objects to a given test case

Let’s say I have a list of many (10s of thousands – millions) objects, and each of these objects has a given number of 3-D vertices (my current implementation uses 8 vertices each, but this number can be reduced if it causes a very significant increase in performance). These vertices are currently stored as floats from 0-255, but this range can also be changed if need be, assuming it will not reduce accuracy too drastically. Also, I can store these objects in any data structure that would be beneficial for this algorithm.

I am given another such object, also with the same number (8) 3-D vertices, but of which in general it must be assumed that none of the vertices are common with any vertices included in the list of stored previous objects.

With all of this in mind, I need an algorithm that will return an object from that list that is optimally close to the test case object (close being defined in the normal, Euclidean distance, sense). By optimally close, I mean that it does not have to be the global optimum if this will greatly increase performance, although if there is a quick algorithm that will always return the global optimum I would love to hear it.

What’s a quick test to see if an $n \times n$ matrix is diagonal and/or proportional to the identity matrix?

As the title indicates, I want to test whether an $n \times n$ matrix (numeric, symbolic, ...) is diagonal and/or proportional to the $n \times n$ identity matrix. I, of course, can test whether the $n^2-n$ individual off-diagonal entries are zero, but that, it would seem, is inefficient.

Test dirtycow vulnerability

I’m not sure where to turn, so I turned to this forum. Please don’t downvote me for nothing, I’m just trying to ask a question.

Hello! So, I’ve been trying to find a system vulnerable to dirtycow and I can’t find any. (at least any that can compile C code…)

Things I tried

  • Using the dirtycow PoC on Ubuntu 10 LTS, Ubuntu 9 LTS and it didn’t work. (View my previous question)

  • Installing Debian 7 or Debian 6, but they don’t have gcc installed in them.

So my question is

Which .iso can I install in order to try out dirtycow? (I’m writing an article so I want to test it for myself)

NOTE: I’ve tested the kernel versions of all the things I’ve tested, and they seemed vulnerable, so I’m not sure. I ran all the virtual machines in VirtualBox / VMware with 3 cores and a lot of RAM and HDD memory.

Programming Test for a job in Game Dev – expected levels of documentation etc

If this is the wrong place to be asking this – please let me know and I’ll happily ask it somewhere else!

I am completing a C++ Proficiency test for a “Junior Engine Programmer” role at a game studio in the UK. The test involves creating a pathfinding demo and rendering it to the screen. I won’t go too into the details of the test, but the brief doesn’t mention any documentation or unit testing etc.

I’ve been told by a lecturer I should definitely include both of those, despite not being asked, and by another that I should use my time more wisely to make a great implementation. What is the done thing here? The only thing close that the brief mentions is making clear where I’ve used other libraries.

Is there anything else I should consider submitting with the implementation as well? Thinking of technical specification such as class diagrams etc, or anything really.


Reusing Bearer Tokens in Test System

We are integrating into a system and I have some concerns over the security. As a test, I have taken a bearer token that was issued in a request 2 months ago and managed to perform a successful, authenticated request to the test system.

The live system blocks requests using older tokens, which is good. However, it suggests that the live system has the potential to be either storing older tokens or the potential (with maybe an unintentional change) to accept older tokens.

I’m quite concerned that the test system would be developed in a way that allows reuse of tokens. Should this be a concern and what are the potential implications?

Thanks in advance