GraphQL APIs & Enumeration Basics
This blog post serves as an introduction to GraphQL. We will shine light on how the query language functions and some basic security considerations, as well as tools and techniques […]
Application Security
Find What Sparks Joy In Your Burp Suite Proxy History With Subtractive Scoping
Improving Quality-Of-Life With Simple Burp Suite Extensions (Part Two) The “right tool for the job” isn’t always the perfect tool for the job, and if you have been using Burp […]
New Burp Suite Extension Blows Your SOCKS Off
Improving Quality-Of-Life With Simple Burp Suite Extensions (Part One) If you have been using Burp Suite for a while, you probably have some ideas for small features or tweaks to […]
Hashcat Quick Guide Techniques & Tips
Password Cracking has its own large methodology when it comes to targeted methods of cracking passwords. You can consider English and other language models, passphrases, 1337sp34k translations, case MoDiFCaTiOn, distributed […]
APKLeaks: Discover Leaks Within APK Files
I was recently combing through GitHub for a tool that I tend to use on mobile application penetration tests when I came across APKLeaks. I currently make use of Mobile […]
Frevvo Vulnerability Disclosure
White Oak Security discovered a “Zip Slip” Authenticated Remote Code Execution vulnerability in Frevvo Live Forms. Frevvo Live Forms is a workflow automation software used to automate processes and forms. […]
Using DNS To Bypass SSRF Protections
On a recent web application penetration test, I identified a classic server-side request forgery (SSRF) vulnerability that used a Denylist in an attempt to prevent active exploitation. This post details […]
Blind XSS & GCP Functions: GCPXSSCanary
An Intro to Blind XSS & Secure GCP Functions During a recent engagement, I ran across an instance of potential Blind Cross-Site Scripting (XSS) while pentesting a web application. I […]
Burp Suite Macros – Reshaper Guide
Burp Suite Macros If you’ve performed web application pentests with Burp Suite for a while, you’ve certainly come across applications that don’t play nicely with Burp Suite’s out-of-the-box scanning. Perhaps […]
Fun With CORS
Cross-Origin Resource Sharing On a recent penetration test, we found an interesting misconfiguration that allowed us to use a CORS attack to steal session tokens directly. This made account compromise […]