Bypassing Anti-CSRF with Burp Suite Session Handling

Using Burp Suite to bypass anti-CSRF protections with the built-in Session Handling and Macro recorder.…

Adding Burp Suite CA Certificate to Kali Linux Certificate Store

Quick blog post to offer instructions on how to add a Burp Suite CA certificate to the Kali Linux CA Store.…

eLearnSecurity's Web Application Penetration Tester Review

My thoughts on eLearnSecurity's Web App Penetration Testing course.…

Burp Suite 2.0 - Quick Review

Burp Suite 2.0 beta is now available to Professional users. This is a major upgrade, with a host of new features, including a new crawler, able to automatically handle sessions, detect changes in application state, crawl with multiple logins, and deal with volatile content.…

Learning to Pop XSS with Docx Files

Utilizing an unrestricted file upload vulnerability with Microsoft Docx files to exploit web applications with Cross-Site Scripting (XSS).…