Hello! refabr1k is my handle and I'm a pentester. I originally created this for my OSCP prep, but now I use this note book as reference when I'm performing pentesting. Feel free to use for your gain!

Best FIT with simple REALTIME Examples. Topic includes Parenting in Digital Age, Child's use, Cyber Crimes & Remedies.

We compiled a list of several techniques for improved exploition of MSSQL injections. All the vectors have been tested on at least three of the latest versions of Microsoft SQL Server: 2019, 2017, 2016SP2. DNS Out-of-Band If confronted with a fully blind…

We find ourselves in the 4th quarter of 2020, and we are ecstatic to announce the release of Kali Linux 2020.4, which is ready for immediate download or updating.
What’s different with this release since 2020.3 in August 2020 is:

ZSH is the new default shell…

Tired of proving you're not a robot? In this post, I'll show how you can partially bypass Google reCAPTCHA by using a new Turbo Intruder feature to trigger a race condition. This vulnerability was rep

Burp extension to highlight Repeater tabs. Contribute to b4dpxl/Burp-Repeater-Tab-Highlighter development by creating an account on GitHub.

A Burp Suite extension for identifying missing Subresource Integrity attributes. - PortSwigger/sri-check

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation" - doyensec/burpdeveltraining

Software-based network isolation provided by routers is not as efficient as believed, as hackers can smuggle data between the networks for exfiltration.

This cheat sheet enables users of Burp Suite with quicker operations and more ease of use. Burp Suite is the de-facto penetration testing tool for assessing web applications. It enables penetration testers to rapidly test applications via signature features…