Burp suite tip / tutorial: History logs at the top

When performing an assessment of a web application, I spend most of my time in the History tab under the Proxy tab. By default, Burp appends the latest request to the bottom of that History log, which means that I have to keep scrolling down to see my latest request to […]

Burp suite tip / tutorial: renaming tabs

This will be a quick and simple tip that you may not have been aware of: you can rename tabs within Burp. A friend of mine who works out of Raleigh turned me on to this. I find new, sometimes obvious and sometimes hidden, features in Burp all the time, and this is one of them.
I find […]

Download latest Metasploit behind restrictive firewalls

Sometimes, when you want to grab the bleeding-edge version of software, you’ll need to use Subversion (SVN). You can go and read Wikipedia’s take on SVN, but basically SVN can be used to grab the latest snapshot of software. Grabbing Metasploit through SVN is the best way to get the latest exploits, payloads, scanners, […]

Intro Video Tutorial for Webscarab

I have finally gotten around to posting a video tutorial of Webscarab. This tutorial merely covers the basics of Webscarab and mirrors my written tutorial, Webscarab Tutorial Part 1 (learning the basics). I plan on continuing this video series as I did with my written tutorials. I have always been a […]

Webscarab Tutorial Part 3 (fuzzing)

Part 2 covered the neat functionality of session ID analysis within Webscarab. Now we’ll focus on another great function within Webscarab, fuzzing. I define fuzzing as testing the input of an application by trying various parameters that the input may not expect. These parameters don’t have to be random, in my opinion […]