#31

burpsuite-project-file-parser

burpsuite-project-file-parser is an interesting tool for parsing Burp Suite projects. It allows you to extract information from Burp’s project file to the terminal. You can then pipe it into other tools. I remember fighting with Burp to extract all URLs or JavaScript...

Web3 learning corner #6 – a $120,000 clickjacking

Capture the Ether: I continued to solve tasks from the Capture the Ether CTF. I completed the Public Key task, which was rather easy - about retrieving a public key from an existing blockchain transaction. The Fuzzy Identity took me much longer than it should. It was quite...

Google Cloud Platform (GCP) Prize 2021

LiveOverflow published a video covering the winners of the GCP Prizes. It contains 6 reports about the Google Cloud Platform and all of them are awesome! They include sick tricks and some of the reports are very CTFy, in a good sense...

Bugcrowd researcher templates

Bugcrowd hasn’t stopped impressing me recently. They created report templates that we can use. Importantly, they didn’t restrict the usage to their platform; they published them in a GitHub repo, so you can also use them on other platforms. Here’s the repo:...

Learning GraphQL #1 – Basics

GraphQL is something that I’ve been willing to learn for a long time. Of course, I can understand the syntax or write a simple query but I lack the understanding of how things work from the developer’s perspective. So I’m going to make a series where we create a...

Advanced search in VS Code

When looking for bugs in the source code, Visual Studio Code is my IDE of choice. One of the most common features I use is searching: searching for vulnerable code patterns, searching for function usages, searching for variable names - I do it all the time. VS Code is...