A simple Burp Extender enabling you to implement the "grep extract" functionality from Intruder within proxy requests and responses.
I recently had some luck using HTML 5 event handlers to exploit XSS. This post includes some of the outcomes and a bit of how to replicate the steps using Burp Suite's Intruder using some wordlists stuck at the end of this post. The target had attempted to use blacklisting to prevent dangerous tags and… Continue reading XSS using HTML 5 Event Handlers
I failed upwards into management a few years ago. This means that I effectively opened an office for my employer and was responsible for finding, evaluating, recruiting, onboarding and generally looking after a team in Glasgow. This has been a privilege and for the most part the last two years has been a riot. We… Continue reading Exit Interview