HackDig : Dig high-quality web security articles for hacker

Android Nougat’s worst anti-security mechanism

If you are a pentester like me, you are doing mobile application reviews on Android. One of the most important things to check is the server API. On the other hand we might want to see what possibilities a server has to influence the Android app with its responses. For both the easiest and most straight forward method is to do a Man-In-The-Middle attack in t
Publish At:2017-09-24 07:00 | Read:397 | Comments:0 | Tags:Android Fails Android Nougat Burp CA install fail snakeoil s

Activity wrap-up inlcuding AFL, CRASS and Burp

Here’s a little overview of my last few months: Thinking about using libjson? Maybe you should wait for a bug fix. Trying to fuzz Java code with afl-gcj was not a very pleasant experience. Made some efforts to show how to fuzz CGI scripts with AFL. My CRASS project that includes a script to grep for interesting security related tokens is constantly gr
Publish At:2016-11-25 12:20 | Read:1596 | Comments:0 | Tags:Various AFL afl-gcj Burp cgi CRASS Hackerone libjson

SAMLReQuest Burpsuite Extention

Security Assertion Markup Language (SAML) is an XML standard for exchanging authentication and authorization data between a Service Provider (SP) and an  Identification Provider (IdP). SAML is used in many Single Sign-On (SSO) implementations, when a user is authenticated once by IdP to access multiple related SPs. When a user requests to access a SP, it cre
Publish At:2016-06-06 19:35 | Read:1250 | Comments:0 | Tags:Tools burp SAML

BurpSentintel – Vulnerability Scanning Plugin For Burp Proxy

BurpSentintel is a plugin for Burp Intercepting Proxy, to aid and ease the identification of vulnerabilities in web applications.Searching for vulnerabilities in web applications can be a tedious task. Most of the time consists of inserting magic chars into parameters, and looking for suspicious output. Sentinel tries to automate parts of this laborous task.
Publish At:2014-09-03 16:20 | Read:1725 | Comments:0 | Tags:Hacking Tools Network Hacking burp burp intercepting proxy b


Share high-quality web security related articles with you:)


Tag Cloud