#BurpHacksForBounties - Day 26/30
Красное сердцеUnderstand the different intruder attack types in Burp Suite
With visualizations at code level for better understanding.
Code level understanding in follow up thread 👇
#infosec #appsec #security #cybersecurity #bugbounty #bugbountytips
Красное сердцеUnderstand the different intruder attack types in Burp Suite
With visualizations at code level for better understanding.
Code level understanding in follow up thread 👇
#infosec #appsec #security #cybersecurity #bugbounty #bugbountytips
Understanding from code is way more easier than a paragraph full of description. Let me know if I miss anything.
Share if you like and think if others can get benefit from this.
Share if you like and think if others can get benefit from this.
#BurpHacksForBounties - 27/30
See all different intruder attack types of Burp Suite as codes
- Sniper
- Battering RAM
- Cluster Bomb
- PitchFork
#infosec #appsec #bugbounty #bugbountytips #security #burp
See all different intruder attack types of Burp Suite as codes
- Sniper
- Battering RAM
- Cluster Bomb
- PitchFork
#infosec #appsec #bugbounty #bugbountytips #security #burp
This media is not supported in your browser
VIEW IN TELEGRAM
#BurpHacksForBounties - Day 28/30 - Super CSRF POC Generator Hack.
CSRF POC generator is only available in Burp Suite pro, but not anymore.
Use this -> https://github.com/merttasci/csrf-poc-generator by @mertistaken
#infosec #burp #appsec #security #bugbountytips #bugbountytip #cybersecurity
CSRF POC generator is only available in Burp Suite pro, but not anymore.
Use this -> https://github.com/merttasci/csrf-poc-generator by @mertistaken
#infosec #burp #appsec #security #bugbountytips #bugbountytip #cybersecurity
#BurpHacksForBounties - Day 29/30
No Collaborator No worries
Burp Suite Collaborator is part of pro, so use requestbin.net
- Exactly same as collaborator
- Free 20 requests without login
- HTTP bin
- DNS bin
#infosec #appsec #bugbountytips #bugbountytip #burp
No Collaborator No worries
Burp Suite Collaborator is part of pro, so use requestbin.net
- Exactly same as collaborator
- Free 20 requests without login
- HTTP bin
- DNS bin
#infosec #appsec #bugbountytips #bugbountytip #burp
purpleteam - CLI component of OWASP PurpleTeam
https://github.com/purpleteam-labs/purpleteam
#PurpleTeam #OWASP
https://github.com/purpleteam-labs/purpleteam
#PurpleTeam #OWASP
GitHub
GitHub - purpleteam-labs/purpleteam: CLI component of OWASP PurpleTeam
CLI component of OWASP PurpleTeam. Contribute to purpleteam-labs/purpleteam development by creating an account on GitHub.
EfsPotato
Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).
https://github.com/zcgonvh/EfsPotato
#windows #privesc #pentest
Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).
https://github.com/zcgonvh/EfsPotato
#windows #privesc #pentest
GitHub
GitHub - zcgonvh/EfsPotato: Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation…
Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability). - zcgonvh/EfsPotato
Kubernetes Hardening Guidance
The NSA and CISA have published today a Kubernetes security-hardening guide
https://media.defense.gov/2021/Aug/03/2002820425/-1/-1/1/CTR_KUBERNETES%20HARDENING%20GUIDANCE.PDF
#kubernetes #hardening #security
The NSA and CISA have published today a Kubernetes security-hardening guide
https://media.defense.gov/2021/Aug/03/2002820425/-1/-1/1/CTR_KUBERNETES%20HARDENING%20GUIDANCE.PDF
#kubernetes #hardening #security