-
```
One of the main advantages of using open source webapp penetration testing tools is
that by tweaking the available code, the pentester is able to customize the checks
that are running against his …
-
Set up pentesting experiment leveraging hackerone/mics.
Should compare us vs baseline.
It may be valuable to compare today vs end of project
-
One of the main security issues in PHP could be XSS vulnerabilities. This easily occurs in newbies' projects, with plain simple reflected stuff like:
```php
echo "Hello, {$_GET['username']}";
```
B…
-
Should include:
* High level overview
* What to expect as a business owner / blue-teamer
* What to expect as a pentester / red-teamer
-
```
The idea is to list a set of tasks for the pentester to perform.
These could be self generated, but it would also be great to base them on things like
the OWASP testers guide.
And maybe they could…
-
### Important
Mark with [x] to select. Leave as [ ] to unselect.
### When reporting a bug/issue:
- [ ] Screenshot
- [x] The FontForge version and the operating system you're using
fontforge-2…
-
On real (non-CTF) systems, lse.sh can be extremely slow, especially when the host's filesystem contains a huge amount of data.
To skip tasks that seem to hang for hours, currently one needs to spec…
-
As per Kurono teaching pathway document:
Recreate worksheets 1 and 2: both pupil and teacher versions
-
```
ZAP, like many scanners, treats each request as 'stand-alone' and therefore typically
can not find vulnerabilities that involve a series of ordered steps (like a wizard).
This development should:
…
-
.M"""bgd `7MM"""YMM MMP""MM""YMM
,MI "Y MM `7 P' MM `7
`MMb. MM d MM
`YMMNq. MMmmMM MM
. `MM MM Y , MM
…