- Mar 29, 2020 Mobile apps penetration testing in 2020
There are already great resources about mobile app security testing out there. So here I’m mostly just keeping track of resources/approaches that worked for me (with additional comments), to have them in one place for future reference.
- Sep 12, 2019 Burp Suite Pro real-life tips & tricks: Looking for hidden attack surface and leaked secrets
Burp has some nice export features which (combined with some 3rd party tools) can greatly aid in the process of looking for additional/hidden endpoints and/or hardcoded secrets.
- Sep 9, 2019 Burp Suite Pro real-life tips & tricks: Persistent Access to Collaborator
It was already discussed here. Putting it here for quick reference.
- Jul 21, 2019 Burp Suite Pro real-life tips & tricks: Authorization testing
In the past, I found the (already quite old - presented in 2013) slide deck Burp Suite Pro real-life tips & tricks, authored by Nicolas Grégoire, very useful; it gave me motivation to constantly look for efficiencies in my day-to-day Burp Suite Pro usage. Since that time Burp has significantly evolved (major milestone - version 2.x was released) and lots of interesting 3rd party extensions were developed.
- May 10, 2019 LES: Linux privilege escalation auditing tool
The LES security tool, developed and maintained by Z-Labs, is the next generation version of the tool designed to assist the security tester/analyst in looking for critically vulnerable (i.e. locally exploitable) Linux machines during manual red team/pentest engagements. In this post I will describe how the tool works and how to use it effectively.
- Nov 18, 2013 Autumn hiking in Owl Mountains
We climbed three additional peaks from the Crown of Polish Mountains during recent hiking in the Owl Mountains and nearby areas.
- Sep 12, 2013 Hiking in Dolomites
Some photos from this year’s hiking in the Dolomites: