#burpsuite

5h ago · 13 min read · In this post, the DVWA Content Security Policy [CSP] Bypass vulnerability is described. The objective for attacks on all levels is to bypass the CSP and execute JavaScript in the vulnerable web page.

Join discussion

EEEmma Engströmpentesting-dvwa.hashnode.dev

0

Brute Force in DVWA

6d ago · 14 min read · Introduction This post explores the brute-force vulnerability in the Damn Vulnerable Web Application (DVWA). The objective of the attack is to gain unauthorised access to the application by discoverin

Join discussion

JJebitoksharonjebitok.com

0

Love Letter Locker (TryHackMe) - IDOR

Mar 5 · 6 min read · Lover Letter Locker is a Valentine's-themed web application that allows users to create and store love letters. The challenge description hints at privacy concerns with "For your eyes only?" - suggest

Join discussion

DCDIPANKAR CHOWDHURYbuildwithease.hashnode.dev

0

Inside HTTPS: Building a Proxy Server in Go from Scratch

Mar 1 · 8 min read · Hi, I am Dipankar. In this blog, I am going to explain that how I built a very basic proxy server in Golang and what I learnt from the project. First of all, I need to say that if this project is a 10

Join discussion

MMaMad4Evermikagelabs.hashnode.dev

0

Boost Your Burp Suite: Configuration $ Extensions

Feb 15 · 6 min read · 📚 Before Start (experienced hackers can skip this) Burp Suite is a powerful tool for web security testing, widely used by ethical hackers and penetration testers. It allows you to intercept, modify, and analyze HTTP/S traffic — think of it as Wiresh...

Join discussion

JJebitoksharonjebitok.com

0

Mother's Secret

Feb 11 · 6 min read · 🚀 Introduction This writeup documents my journey through the Mother's Secrets challenge on TryHackMe, part of the DevSecOps learning path. The challenge presents a compelling scenario inspired by the 1979 sci-fi classic "Alien," where players must i...

Join discussion

HQHồ Quang Anhanhbii.hashnode.dev

0

Burp Suite Extension: Hô biến HTTP History thành Checklist "Sạch kin kít" với Attack Surface Auto-Filter ️

Jan 29 · 6 min read · "Pentest hiện đại là cuộc chiến chống lại sự nhiễu loạn thông tin (Noise)." Nếu bạn là một Pentester hay Bug Hunter thường xuyên làm việc với các hệ thống Web Application/API phức tạp, chắc chắn bạn đã từng trải qua cảm giác này: Mở Burp Suite lên, l...

Join discussion

HQHồ Quang Anhanhbii.hashnode.dev

0

Chia sẻ tool tự động giải Captcha trong Burp Suite mà không cần cài Python

Jan 27 · 2 min read · [!INFO] TL;DR: Mình vừa release Captcha-Slayer - một Burp Suite Extension giúp giải captcha tự động. Điểm mạnh là tích hợp sẵn engine OCR (không cần cài Python) và fix lỗi logic khi chạy Intruder. Mình làm pentest chắc ai cũng từng dùng qua captcha-...

Join discussion

JJebitoksharonjebitok.com

0

Next.js: CVE-2025-29927 (TryHackMe)

Jan 11 · 14 min read · Introduction In January 2025, security researchers Rachid and Yasser Allam uncovered a critical vulnerability in Next.js that sent shockwaves through the web development community. CVE-2025-29927, a middleware authorization bypass flaw, affects one o...

Join discussion

MHMD. HABIBULLAH SHARIFblog.habibullah.dev

0

The Engineer's Toolkit: Configuring Burp Suite on Fedora Linux

Jan 9 · 3 min read · The "Man-in-the-Middle" Burp Suite operates on a simple premise: Trust Logic. By telling your browser to trust Burp as a Certificate Authority (CA), you can break SSL/TLS encryption. You see the raw HTTP requests before they leave your machine, and t...

Join discussion

Tag feed

Tag feed

#burpsuite

CSP Bypass in DVWA

Brute Force in DVWA

Love Letter Locker (TryHackMe) - IDOR

Inside HTTPS: Building a Proxy Server in Go from Scratch

Boost Your Burp Suite: Configuration $ Extensions

Mother's Secret

Burp Suite Extension: Hô biến HTTP History thành Checklist "Sạch kin kít" với Attack Surface Auto-Filter ️

Chia sẻ tool tự động giải Captcha trong Burp Suite mà không cần cài Python

Next.js: CVE-2025-29927 (TryHackMe)

The Engineer's Toolkit: Configuring Burp Suite on Fedora Linux

#burpsuite

Search Hashnode

#burpsuite

CSP Bypass in DVWA

Brute Force in DVWA

Love Letter Locker (TryHackMe) - IDOR

Inside HTTPS: Building a Proxy Server in Go from Scratch

Boost Your Burp Suite: Configuration $ Extensions

Mother's Secret

Burp Suite Extension: Hô biến HTTP History thành Checklist "Sạch kin kít" với Attack Surface Auto-Filter ️

Chia sẻ tool tự động giải Captcha trong Burp Suite mà không cần cài Python

Next.js: CVE-2025-29927 (TryHackMe)

The Engineer's Toolkit: Configuring Burp Suite on Fedora Linux