#BurpHacksForBounties - Day 22/30
🤓🤓 Create your own Burp Extender Plugin in 3 tweets with Java.
Thank you Burp Suite for making it easy
#infosec #appsec #burp @BurpSuiteGuide #bugbountytips #bugbountytip #security
#BurpHacksForBounties - Day 24/30
This is an amazing writeup which talks about using a plugin in Burp that eases the journey for catching IDORs.
Writeup link: https://infosecwriteups.com/leveraging-burp-suite-extension-for-finding-idor-insecure-direct-object-reference-2653f9b89fd4
By @dhanush
#infosec #appsec #bugbountytips #bugbountytip #bugbounty #security
#BurpHacksForBounties - Day 25/30
Optimizing Burp Suite for better performance: follow these 4 simple steps and you will notice a big difference in performance.
#infosec #appsec #burp #security #bugbountytips #bugbounty
#BurpHacksForBounties - Day 26/30
❤️ Understand the different intruder attack types in Burp Suite
With visualizations at code level for better understanding.
Code level understanding in follow up thread 👇
#infosec #appsec #security #cybersecurity #bugbounty #bugbountytips
#BurpHacksForBounties - 27/30
See all different intruder attack types of Burp Suite as code
- Sniper
- Battering ram
- Cluster bomb
- Pitchfork
#infosec #appsec #bugbounty #bugbountytips #security #burp
#BurpHacksForBounties - Day 28/30 - Super CSRF POC Generator Hack.
CSRF POC generator is only available in Burp Suite pro, but not anymore.
Use this -> https://github.com/merttasci/csrf-poc-generator by @mertistaken
#infosec #burp #appsec #security #bugbountytips #bugbountytip #cybersecurity
#BurpHacksForBounties - Day 29/30
No Collaborator No worries
Burp Suite Collaborator is part of pro, so use requestbin.net
- Exactly same as collaborator
- Free 20 requests without login
- HTTP bin
- DNS bin
#infosec #appsec #bugbountytips #bugbountytip #burp
Git-Secret
Go scripts for finding an API key / some keywords in a github repository
https://github.com/daffainfo/Git-Secret
#bugbounty #bugbountytips #pentest #api #infosec
InfoSec BlackFriday Offers
- Books
- Courses
- Services
- Software
- Hardware
https://github.com/0x90n/InfoSec-Black-Friday
#BlackFriday #InfoSec
Forwarded from Offensive Xwitter
😈 [ pdiscoveryio, ProjectDiscovery.io ]
The Ultimate Guide to Finding Bugs With Nuclei by @v3natoris
https://t.co/2GY3QZlTft
#hackwithautomation #cybersecurity #infosec #bugbounty
🔗 https://blog.projectdiscovery.io/ultimate-nuclei-guide/
🐥 [ tweet ]
Forwarded from Offensive Xwitter
😈 [ fr0gger_, Thomas Roccia 🤘 ]
New EDR/AV evasion technique added to the #UnprotectProject by @Praetorian_GRD "Unloading Module Using FreeLibrary". Check out the detailed description, code snippet and CAPA rule👇 #cybersecurity #malware #infosec cf: @DarkCoderSc
https://t.co/Td7ogFwVcZ
🔗 https://unprotect.it/technique/unloading-module-with-freelibrary/
🐥 [ tweet ]
Forwarded from Offensive Xwitter
😈 [ kleiton0x7e, Kleiton Kurti ]
We took a Cobalt Strike profile, modified it, and bypassed Crowdstrike & Sophos without encrypting the shellcode. Also bypassed all published YARA rules, sleep detections, and string detections around a CS beacon.
Blog: https://t.co/m7FNOwV6Nx
#CyberSecurity #redteam #infosec
🔗 https://whiteknightlabs.com/2023/05/23/unleashing-the-unseen-harnessing-the-power-of-cobalt-strike-profiles-for-edr-evasion/
🐥 [ tweet ]