Whitepapers & Case Studies

21 July 2017
Will Boucher
The Citrix NetScaler1 Gateway VPN has the ability to check various conditions on a user device when it attempts to connect to a NetScaler Gateway. Citrix calls this ‚ÄúPreAuthentication Endpoint Analysis‚ÄĚ, or EPA. This is a problem when trying to connect to a NetScaler Gateway VPN without knowing the client-side checks required. This whitepaper details the process to reverse engineer the encryption mechanisms for these checks and provide a bypass for the client side verification.
19 May 2014
Denis Andzakovic
SSL Pinning is a security measure employed by applications in an attempt to thwart users from intercepting requests with a web proxy. This whitepaper will discuss methods used to bypass SSL pinning.
21 April 2010
Roberto Suggi Liverani
Cross Context Scripting (XCS) is a term coined for a browser based content injection in the Firefox chrome zone...
21 April 2010
Nick Freeman
This paper should be considered an addendum to the white paper "Cross Context Scripting with Firefox". This paper exclusively focuses on exploits which can be used to leverage Chrome Cross Context Scripting (XCS) vulnerabilities in Firefox...
25 September 2009
Direct Payment Solutions (DPS) is a leader in Internet payment solutions for the Australian and New Zealand markets. With thousands of New Zealand companies counting on DPS to process their electronic payments on a daily basis, it is imperative that DPS becomes PCI DSS-compliant. DPS enlists the expertise of Security-Assessment.com as the go-to partner for the complex compliance project.