Note: I describe what works for me and it might not work for you. Multitasking sounds great! If we could do 2 things at once we could save loads of time, right? For me there are many things I can do at the same time, for example listening to a podcast and walking. I...
Articles by Issue
Maybe our times are not that bad after all🤔
As my Twitter followers saw, last week I was in Gdańsk. It's a beautiful city on the Baltic Sea but also the place where the 2nd World War started. It got me thinking about how grateful I am for living in the 21st century, even with the Covid pandemic. Why is...
iOS hacking videos
If you have ever hacked or tried hacking iOS applications, you know that there are little to no materials out there. Most of the time you need to try on your own or browse to the place never visited by anyone - the second page of Google search results😳😬. However,...
How to write a Burp extension?
Have you ever thought about writing a Burp Suite extension? I certainly have but never really got to do that. Parsia Hakimian, a senior security engineer from Electronic Arts, whose $15k bug was also featured on the channel ($15,000 Playstation Now RCE via insecure...
Single most time-saving terminal trick
In a perfect world, you have automated every terminal command that you execute more than once, blah blah blah... 😒 Both you and I know this is not true. Many times you will have to write very similar commands over and over again. You can use the up arrow to find lately...
IDOR cheat sheet
With modern frameworks secured by default from many popular vulnerabilities, I see that IDORs have a bigger share in my pentest reports. Usually with high risk as well. IDORs are: hard to find using DAST, SAST or source code review; relatively easy to find for a human...
Hacking and exercising
From childhood, sport has been a big part of my life. Football, judo, folk dancing, gym, floorball, just to name a few activities I was doing. But when I went to university, a lot of that changed. Also, sport lost its priority on behalf of studies and then on...
How to use Burp Macros
Since I saw someone using Burp macros, I've felt like it's a powerful feature that I've only used once or twice during my work. Thankfully, Akshita Gupta has written a whole article about it from which you can learn: what Burp macros are; how you can use them...
Exploiting X-Forwarded-For XSS by poisoning the cache
Very good article by Gal Nagli, describing the history of XSS exploited by poisoning the cache. The fact that you can do this is not anything new, but two points were important and you need to remember them if you ever encounter a cache poisoning bug. Not every file...
10 Burp Repeater tricks
I've prepared for you 10 tricks you can use in Burp's Repeater tool. Those cover only built-in functionalities. Extensions will be covered sometime in the future. Let's get to it! CTRL+space: First and foremost, don't use the bloody mouse to send the...