Some time ago I participated in FAUSTCTF 2017 as a member of Bushwhackers team. During the CTF me and @inviz were responsible for the doedel service. Here is our solution.
I’ve been doing web penetration testing and webapp source code audits since 2010. During black box testing the main tool of choice is, not suprisingly, Burp Suite Pro. I always do the most crucials parts of analysis manually, so Burp Repeater is the tab where I spend most of my time.
My primary point of contact is: firstname.lastname@example.org. Please use PGP for sensitive stuff (below).