FAUSTCTF2017 doedel writeup

Some time ago I participated in FAUSTCTF 2017 as a member of Bushwhackers team. During the CTF me and @inviz were responsible for the doedel service. Here is our solution.

Read More

How to make Burp better

I’ve been doing web penetration testing and webapp source code audits since 2010. During black box testing the main tool of choice is, not suprisingly, Burp Suite Pro. I always do the most crucials parts of analysis manually, so Burp Repeater is the tab where I spend most of my time.

Read More

Contacts

My primary point of contact is: webpentest@gmail.com. Please use PGP for sensitive stuff (below).

Read More