Help! There’s an OpenBullet Attack Config for Our Site – What Should we Do?

July 20, 2020

Thinly veiled as a web testing tool, OpenBullet a commonly used attack management toolkit that allows a bad actor to create and execute automated account takeovers and other types of attacks. Complete with its’s own GitHub repo and user community, OpenBullet allows a bad actor to create or import a predefined attack config, add the proxy infrastructure and user credentials, then launch and track the status of the attack.

OpenBullet, along with Snipr MBA BlackBullet, and ComboList have dramatically simplified the act of launching an attack and in so doing, have made security professionals’ lives a bit more difficult. Faced with this level of sophistication and ease of use, security teams can proactively use these tools and their related user forums to their advantage resulting in an improved security posture.

  1. Use advanced search techniques to uncover attack configs targeting your site.
  2. Participate in their user forums to gain an understanding of your adversary.
  3. Download, install and use the attack tools to understand their inner workings.

To learn more about each of these techniques, please join Will Glazier, head of security research at Cequence Security for an informative and interactive webinar on July 22nd at 1:00 PST where he will provide tips and techniques to help you uncover the existence of an attack config, then demonstrate how it is used in OpenBullet, providing pointers on how to use OpenBullet to your mitigation advantage. A demonstration of Cequence Bot Defense will wrap up the session.

Register today.

Attack BehaviorAttack ToolsBot DefenseCQAIJavascript

About the Author

Matt Keil

Director of Product Marketing

Unified API Security Bot Management
29 July 2022

Mergers and Acquisitions in API Security and Bot Management

Read More
RSOCKs takedown
28 June 2022

RSOCKS Takedown Means One Less Bulletproof Proxy Vendor

Read More
API Security Activity
19 May 2022

State of API Security Activity

Read More
How BOLA leads to enumeration and ATO attacks
10 May 2022

How BOLA Leads to Enumeration and ATO Attacks

Read More
5 May 2022

Threat Advisory: New Log4j Exploit Demonstrates a Hidden Blind Spot in the Global Digital Supply Chain

Read More

Subscribe to our blog

Join us for our Weekly Webinar Series: API Best Practices Register now