Planning for Disaster Recovery Disaster recovery is a critical component of business continuity, especially for medium to large enterprises that rely heavily on digital infrastructure, or use their digital infrastructure for any business operations. Cyber threats, natural disasters, hardware failures, and human errors can severely disrupt operations, resulting in financial losses and reputational damage. To… Continue reading A Strategic Approach to Business Disaster Recovery

This post explores how an ASP.NET project incorrectly disclosing its web.config containing static keys allows for remote code execution. The common cases for exploiting this vulnerability would be if the web application has published it’s static machine keys to GitHub, such as with the example project for this post (https://github.com/ozajay0207/EGVC) or if the application has… Continue reading Exploiting ASP.NET ViewState Misconfigurations for Remote Code Execution