Sunday, June 30, 2019

Newsletter (24th - 28th June 2019)


Hello All,

Let me begin by thanking everyone for visiting, liking and giving me feedback on my previous blog post.

This week we will mainly cover resources related to information security.

1. Burp Suite: Scoping out your project



Burp Suite is one of the Swiss Army knife tools for pentesters. Scoping is an essential part of auditing an application. I believe this would be really helpful to bug hunters and pentesters while performing a security assessment of a web application.

2. Understanding Burp Suite Intruder Attack Types


Most of us would have used Burp Suite for web application pen-testing. The Burp Suite Intruder tab helps the attacker fuzz the parameters used in an HTTP request. Fuzzing can be used to find multiple vulnerabilities in a web application, such as SQL injection and cross-site scripting, and to brute-force usernames and passwords.

3. Using Burp Suite Match and Replace Settings


This article (10 min read) covers using match and replace rules to perform privilege escalation or find hidden features of a web application. Just by replacing parameter values like "true", "false", "admin", "guest", "0", "1", etc., we may get some amazing results. A must-read article for bug hunters.

I hope you like the resources I have shared and find them informative in one way or another.

And if you enjoyed reading this, please consider sharing it, leaving a comment, suggestions, questions…
