JCJonathan Cooperinjoncooperworks.com·Jan 23, 2021 · 10 min readHacking HTTP with HTTPfuzzSo you’ve been given a web app to pentest. Maybe it’s a banking app or a document workflow system. Either way, you need to make sure it’s done safely. Modern web applications have a large attack surface, and testing everything by hand is inefficient....00
JCJonathan Cooperinjoncooperworks.com·Oct 5, 2020 · 5 min readJudas: Phishing ResurrectedIf you’ve been reading my blog since I started writing on Medium, you’ll remember Judas, the pluggable open-source phishing proxy. I wrote Judas to prove a point on an engagement once, and unfortunately neglected it afterwards. (Side note: Go’s compr...00
JCJonathan Cooperinjoncooperworks.com·Aug 13, 2020 · 9 min readPrinting Money With TD Ameritrade's APIWe’ve all heard about algorithmic trading in the news. It sounds great! You think of a program making money for you while you sip Mai Tais and smoke the finest ganja on the beach in Jamaica. I’m going to show you how you can do it yourself with TD Am...00
JCJonathan Cooperinjoncooperworks.com·Jul 23, 2020 · 4 min readEasy private networks with WireguardHTTPSI’ve been experimenting with Wireguard as a VPN to protect my internet traffic from local snoopers and communicate between all my devices as if they were on the same network. SSHing into an Ubuntu 20.04 Thinkpad on my home network via the VPN. Wi...00
JCJonathan Cooperinjoncooperworks.com·Jul 19, 2019 · 6 min readAutomated API testing with PostmanPostman is an excellent API testing tool for developers, QA testers and penetration testers. Its UI allows you to easily send HTTP requests and see responses, but it’s also a great automation tool. Getting stock prices from Alpha Vantage with Post...00