Satvik Vemulapalli · anonbash.hashnode.dev · 8 hours ago · Burpsuite The Basics · TASK 1 - Introduction. Welcome to Burp Suite Basics! This particular room aims to understand the basics of the Burp Suite web application security testing framework. Our focus will revolve around the following key aspects: A thorough introduction to ... · Tag: Burpsuite
Khushi Trivedi for Keploy Community Blog · keploy.hashnode.dev · Dec 4, 2024 · Choosing the right Penetration Testing Tools for your system · Organizations are in a sheer need to stay up-to the minute, and be ahead for protecting their systems and data. Penetration testing can prove to be a structured process that can mimic the real-world vulnerabilities before it’s prone to any malicious ... · Tag: Testing
Ohekpeje Joel Odey · joelodey.hashnode.dev · Nov 17, 2024 · Lab: Broken brute-force protection, multiple credentials per request · Lab Scenario: Our objective is to understand and exploit a web application's broken brute-force protection, where the login credentials are submitted in JSON format. By manipulating the request to submit multiple credentials, we aim to bypass the pro... · 1 like · Series: PortSwigger Authentication Labs · Tag: websecurity
Bhuwan Bhetwal · blog.bhuwanbhetwal.com.np · Nov 16, 2024 · Connecting android/emulator to your Burp suite via OpenVPN · This is a simple blog for connecting the Genymotion and the Burpsuite for Android Pentesting using OpenVPN. I use Genymotion (Google Pixel 3 — Android Version 9) and Kali Linux. Let’s start the configuration. Make sure you save these two scripts. Githu... · 33 reads · Tag: Burpsuite
Ohekpeje Joel Odey · joelodey.hashnode.dev · Nov 8, 2024 · Lab: Exploiting XXE to perform SSRF attacks · Lab Scenario: Our mission is to exploit XXE through a web application's "Check stock" feature, ultimately performing SSRF attacks to access sensitive information from a metadata endpoint. By intercepting and manipulating a POST request, we intend to ... · 1 like · Series: PortSwigger XML external entity (XXE) injection · Tag: xxe
Bhuwan Bhetwal · blog.bhuwanbhetwal.com.np · Nov 7, 2024 · Adding Knoxnl (KNOXSS) to Burp · Open Burp > Extensions. Install Piper. Go to Piper > Context menu items. Click on Add Button and Enter Name as “knoxnl”. In the Add menu item dialog box, enter the Name as knoxnl and change the Can handle... drop down to HTTP requests only. Change b... · 66 reads · Tag: Knoxnl
J3bitok · jebitok.hashnode.dev · Nov 1, 2024 · Web Hacking: Burp Suite: The Basics (TryHackMe) · In this article, I will write a write-up for Burp Suite: The Basics that covers What is Burp Suite, Features of Burp Community, Installation, The Dashboard, Navigation, Options, Introduction to the Burp Proxy, Connecting through the Proxy (FoxyProxy ... · Tag: Burpsuite
kurtnettle · kurtnettle.hashnode.dev · Oct 24, 2024 · Admir - The Great Admin Access Heist! - NRF24CTF · Problem Statement: In the heart of the digital world lies a powerful admin panel known as Admir—an interface that controls the core functionalities and sensitive data of a high-stakes web application. Hidden from the eyes of most, this admin panel is ... · Series: EWU NRF24 CTF (Online Preliminary Round) · Tag: CTF Writeup
Bisola Adediji · beesola.hashnode.dev · Oct 9, 2024 · Getting Started With Portswigger Web Security Academy · PortSwigger's Web Security Academy is a free, interactive online learning platform that teaches web security through hands-on labs, designed by the creators of Burp Suite. Whether you’re a budding ethical hacker, a developer wanting to secure your co... · Tag: webhacking
Aditya Uniyal · adityauniyal.hashnode.dev · Oct 5, 2024 · Information Disclosures Lab (Fast recap) · Lab1: Information disclosure in error messages. It gives information about the version if we put the input parameter wrong. Lab2: Information disclosure on debug page. We can just check the source code there it is mentioned about the path to a php f... · Tag: #cybersecurity