FedSearch
Mr.Trunk · @mrtrunk
12 followers · 19529 posts · Server dromedary.seedoubleyou.me

#applicationpenetrationtesting #webvulnerabilityanalysis #webinformationgathering #burpsuite

Last updated 1 year ago
Original post

Vlad :verified: · @VladDBA
47 followers · 84 posts · Server mastodon.cloud

In this post I'm covering the risks brought on by not securing SQL Server's service account and setting it to run under a privileged account, and demo how an attacker can leverage it to gain access to the instance's host.
It was fun using Burp Suite Pro to demo data exfiltration through HTTP, as well as HoaxShell to demo initiating a reverse shell connection, all from SQL Server.

vladdba.com/2023/07/24/securin

#sqlserver #dba #mssqlserver #mssql #sqlserverdba #windows #security #hoaxshell #burpsuite

Last updated 1 year ago
Original post

agentduckman · @agentduckman
42 followers · 96 posts · Server fosstodon.org

@birnim a fair point. I guess the two things that I must have WM for would be an internet browser and (Doing security work with Kali)

#burpsuite

Last updated 1 year ago
Original post

Duggy Tuxy · @duggytuxy
10 followers · 14 posts · Server mastouille.fr
Open media

De chouettes ressources/modules d'apprentissage sur Hack The Box Academy tels que Linux Fundamentals, Nmap, Metasploit, Burp Suite, BloodHound etc.

Lien vers le site ==> lnkd.in/eycfydta

PS: à consommer sans modérations !!!

#apprentissage #linux #burpsuite #infosec #pentest #hackthebox #cybersecurity #cyber

Last updated 1 year ago
Original post

Tae'lur Alexis :verified: · @taeluralexis
285 followers · 99 posts · Server infosec.exchange
Open media

Day 6:
My friend taught me Metasploit today and we were poppin shells it was pretty dope! It was a hands on approach, I picked up the basics fairly quickly. Also won a Burp Suite Pro license for a year and I’m excited to use it. What a great day :3

I’m taking the rest of the day off from studying to spend time with my mom, she just got told by her doctor that her vitals are good and that’s so great!

#100daysofhacking #infosec #burpsuite #cybersecurity

Last updated 1 year ago
Original post

iz_floresta · @iz_floresta
47 followers · 140 posts · Server hachyderm.io

My latest blog post on manipulating JWT tokens in PortSwigger labs with the super cool JWT Editor extension for .

This is result of another assignment from The XSS Rat's prep course.

medium.com/@iz_floresta/json-w

#burpsuite #cnwpp

Last updated 1 year ago
Original post

Wu Yuansheng · @admin
19 followers · 15159 posts · Server social.xinghaizhandui.com
Open media

#burpsuite #burp #webapphacking #CyberSecurity #cyberwarrior #infosec

Last updated 1 year ago
Original post

Tae'lur Alexis :verified: · @taeluralexis
231 followers · 7 posts · Server infosec.exchange

Here’s how I’ve been learning web app pentesting:

- Bug Bounty Bootcamp by Vickie Li (This book provides such a beautiful & detailed introduction to how HTTP & cookies/JSON Web Tokens work, Burp Suite, writing Bash scripts & finding web vulnerabilities)
- Portswigger Web Academy
- TryHackMe
- HackTheBox Academy (this platform is beast!)

I’ve been testing out diff tools, techniques & recon on my personal websites :-)

#pentesting #infosec #cybersecurity #coding #owasp #burpsuite #hacking

Last updated 1 year ago
Original post

n0kovo 🇩🇰​:anarchy:​:comm:​:terminal:​:vegan:​:debian:​:python:​:tor:​:signal: · @n0kovo
553 followers · 110 posts · Server infosec.exchange
GitHub - GitHub - n0kovo/burp-copy-headers-as-args: Copy request headers in -H format (cURL, Wfuzz, Gobuster etc.)

I made a Burp extension! Are you tired of manually copying request headers from Burp, formatting them like

-H 'User-Agent:Something'

and pasting them into your command to use them with cURL, Gobuster, Wfuzz, fuff, Feroxbuster etc.?

I sure was. So I made this:
github.com/n0kovo/burp-copy-he

You're welcome ❤️

#burpsuite #pentest #pentesting #bugbountytips #bugbounty #foss #appsec #hacking #tools #infosec #redteam #redteaming #pentestingtools #fuzzing #bapp

Last updated 1 year ago
Original post

Konstantin · @kpwn
38 followers · 164 posts · Server infosec.exchange
Open media

Seriously, why is there no stop button?!

#mememonday #pentesting #infosec #cybersec #bugbounty #paramminer #burpsuite

Last updated 1 year ago
Original post

Konstantin · @kpwn
36 followers · 161 posts · Server infosec.exchange
Burp Suite Release Notes - Professional / Community 2023.1.2

2023.1.2 (stable) was released today. Changes include​

- Restructured settings ⚙️

- The possibility to configure the default group for Repeater tabs 😍​

- Persistence for Burp extensions 💾

- Prefixes and suffixes in macro parameters 🟨⬛🟨

- Improvements to Burp Scanner 🐜

Read more here:
portswigger.net/burp/releases/

#burpsuite

Last updated 1 year ago
Original post

· @postmodern
868 followers · 551 posts · Server infosec.exchange

Asking this question again in 2023. Do bug bounty hunters have a preferred common format for logging HTTP requests / responses?

#bugbounty #burpsuite #http

Last updated 2 years ago
Original post

infosec-jobs.com · @infosec_jobs
1430 followers · 14555 posts · Server mastodon.social

#infosec #infosecjobs #cybersecurity #jobsearch #hiringnow #cybercareers #florida #aircrack #apis #blackbox #burpsuite #cpp #ceh #clearance #cloud #cobaltstrike #edr

Last updated 2 years ago
Original post

Konstantin · @kpwn
29 followers · 91 posts · Server infosec.exchange
Open media

#burpsuite #mememonday #pentesting #infosec #cybersec #bugbounty #clientsidedesync

Last updated 2 years ago
Original post

Digital Empress :verified: · @digitalempress
405 followers · 224 posts · Server infosec.exchange
Open media

Solved: Broken brute-force protection, IP block

Took me 2 days but I got it! 🥳

#burpsuite #appsec #hacking #owasp #bruteforce

Last updated 2 years ago
Original post

Digital Empress :verified: · @digitalempress
405 followers · 224 posts · Server infosec.exchange
Open media

Solved: Username enumeration via response timing

#burpsuite #portswigger #owasp #appsec #studying

Last updated 2 years ago
Original post

Digital Empress :verified: · @digitalempress
404 followers · 223 posts · Server infosec.exchange
Open media

Solved: Username enumeration via subtly different responses

#portswigger #burpsuite #appsec

Last updated 2 years ago
Original post

infosec-jobs.com · @infosec_jobs
1417 followers · 14544 posts · Server mastodon.social

#infosec #infosecjobs #cybersecurity #jobsearch #hiringnow #cybercareers #alexandria #va #activedirectory #analytics #applicationsecurity #apt #burpsuite #ceh #cissp #clearance #cobaltstrike

Last updated 2 years ago
Original post

Darryl Nixon :verified_flashing: · @darryl
120 followers · 159 posts · Server infosec.exchange

I purchased ProxyMan for my Mac with their generous student discount because it's cheaper than Burp Suite, and I can't/don't use my work licenses for self-directed research and academia.

It's nice. The UI/UX is intuitive and macOS-like, making it stand out for me against the likes of mitmproxy, Burp, and ZAP. It took a handful of straightforward in-app clicks to set the system proxy, trust their root CA certificate for specific domains, and pass-thru everything else.

My license also unlocked premium features for their mobile app, which I just learned of but am now interested in checking out. I'm glad there's still room for competition in the MITM space.

#ProxyMan #proxy #mitm #mitmproxy #burp #burpsuite #owasp #zap

Last updated 2 years ago
Original post

José Pedro Mayo · @jpmayo
7 followers · 22 posts · Server infosec.exchange

#cybersecurity #osint #pentest #scanner #cve #vulnerabilities #burpsuite #endpoints #passwords #cloud #secrets #fuzzing #dns #ips #framework #network #directories #crawler #screeenshots #git #cms #allinone #proxy #probing

Last updated 2 years ago
Original post