#pen-testing — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #pen-testing, aggregated by home.social.

  1. Day 12 #Pentesting: SQL injection exploitation techniques that actually matter on engagements.

    The jump from "I found an injection" to "here's the admin password hash" requires systematic work:

    ```sql
    -- Find columns
    ' ORDER BY 3-- -
    -- Find visible column
    ' UNION SELECT 'a','b','c'-- -
    -- Extract data
    ' UNION SELECT null,CONCAT(user,':',pass),null FROM users-- -
    ```

    Blind SQLi is where patience gets tested. One character at a time via boolean conditions. sqlmap handles the automation, but understand the manual process first.

    #Infosec #Websecurity #Cybersecurity #Ctf
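An added example, not part of the post above: the same UNION technique the post lists, run against an in-memory SQLite database first through a string-concatenated query and then through a parameterised one, plus a cheap log-side pattern for the three payload shapes. The `products`/`users` tables, the rows and the hash value are constructed for the demo; SQLite has no `CONCAT`, so the payload uses `||` where the post's MySQL payload uses `CONCAT`.

```python
# Added example (not from the post): vulnerable vs parameterised lookup for
# the UNION-based extraction described above. All data here is constructed.
import re
import sqlite3

# Constructed sample schema and rows.
SCHEMA = """
CREATE TABLE products (id INTEGER, name TEXT, price REAL);
CREATE TABLE users (id INTEGER, user TEXT, pass TEXT);
INSERT INTO products VALUES (1, 'widget', 9.99), (2, 'gadget', 19.99);
INSERT INTO users VALUES (1, 'admin', '5f4dcc3b5aa765d61d8327deb882cf99');
"""

# The post's third payload, shaped for a three-column SELECT (SQLite uses || for concat).
UNION_PAYLOAD = "' UNION SELECT null,user||':'||pass,null FROM users-- -"

# Triage pattern for the payload shapes in the post: quote followed by
# UNION SELECT / ORDER BY, or a trailing "-- -" comment terminator.
PROBE_PATTERN = re.compile(r"('\s*(union\s+select|order\s+by)\b)|(--\s*-?$)", re.IGNORECASE)


def connect():
    """Fresh in-memory database loaded with the constructed schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def search_vulnerable(conn, term):
    """String concatenation: the payload becomes part of the SQL text, so the
    UNION runs and rows from `users` come back in the visible column."""
    sql = f"SELECT id, name, price FROM products WHERE name = '{term}'"
    return conn.execute(sql).fetchall()


def search_parameterised(conn, term):
    """Bound parameter: the payload is compared as a literal string and
    matches no product, so nothing leaks."""
    sql = "SELECT id, name, price FROM products WHERE name = ?"
    return conn.execute(sql, (term,)).fetchall()


def leaked_credentials(rows):
    """Values in the 'visible column' that look like user:hash pairs."""
    return [r[1] for r in rows if isinstance(r[1], str) and ":" in r[1]]


def looks_like_probe(term):
    """Log-side hint for the post's payload shapes; a triage signal only,
    not a replacement for parameterised queries."""
    return bool(PROBE_PATTERN.search(term))
```

The parameterised path is the fix; `looks_like_probe` is only useful for spotting the ORDER BY / UNION probing sequence in request logs after the fact.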

  2. Day 10 of #Pentesting challenge: OWASP Top 10 overview.

    The 2021 reshuffle is data-driven from 500k+ real apps. Key shifts:

    - A01 Broken Access Control: #5 -> #1. IDORs dominate pentest findings.
    - A03 Injection: #1 -> #3. Frameworks improved defaults.
    - A10 SSRF: New entry after Capital One breach.

    Quick IDOR test with curl:
    ```shell
    # Log in as user A, try user B's resource
    curl -H "Cookie: session=abc123" \
    app.example.com/api/orders/5001
    ```

    If you get order 5001 and it's not yours, that's A01.

    Pair the Top 10 with the OWASP WSTG for specific test procedures. The Top 10 tells you what matters; the WSTG tells you how to test it.

    #Owasp #Appsec #Infosec #Cybersecurity

  3. 🍵 HTB Support Walkthrough 🍵

    Learn how to perform:
    - LDAP Enumeration
    - .NET Reverse Engineering
    - Bloodhound Enumeration
    - Resource-Based Constrained Delegation

    🎬️Watch it here:
    youtube.com/watch?v=VIgskjoELo0

    #HTB #HackTheBox #OSCP #Pentesting #EthicalHacking #Cybersecurity #RedTeam #CTF

  5. Wireless pentesting is about finding weak spots in Wi-Fi and other wireless networks by capturing traffic, analyzing signals, and testing how well authentication holds up against real-world attacks.

    Here are popular wireless pentest tools 😎👇

    Find high-res pdf ebooks with all my Linux and cybersecurity related infographics at study-notes.org

    #cybersecurity #wifi #wifihacking #pentesting #networksecurity

  9. Mini Pen Test Diaries Story:

    The year was 2010, and I was onsite at a UK local authority doing an internal network assessment.

    One of the tasks was - if given a standard, non-privileged, domain user account, with minimal access afforded to it - what could I do? Could I access sensitive documents? Could I log in to systems I shouldn't be able to? Could I elevate myself? Standard stuff.

    I got my account, and immediately started fishing around the main file share with the users' home directories on it. To my immense surprise, I found out that I was able to access the content of every single user's home directory. Including all the top level folks.

    They must've accidentally given me some account in an IT group or something, so I check it out. Nope - groups look normal.

    The permissions on the share look pretty normal too.

    I play around with the account more and more and encounter zero resistance to anything, access wise.

    Something must be very wrong - but what?

    Finally I go over and speak to the IT people who I'd been working with.

    "So," I said. "This account, it's supposed to have a very minimal permissions set right?"

    "Yes, the lowest of the low," they reply.

    "So how come I can get into all these files?" I ask, and show them my rummaging around the very senior people's confidential files.

    "You shouldn't be able to do that!!"

    Now, the three of us are rapidly trying to figure out what the heck is going on. It's surprisingly difficult to figure out.

    Eventually, I make what to this day remains one of my all-time favorite pen testing discoveries.

    This organisation had somehow managed to add the entire "Domain Users" group to the "Domain Admins" group!

    All 1,500 people who worked there had domain admin access. And after investigation, we found out it had been like that for 10 months.

    Someone couldn't get something working, until they found this "fix".

    Amazing.

    For more, slightly less mini pen test diaries stories, check out infosecdiaries.com.

    #infosec #pentest #pentesting
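An added example, not part of the story above: the check that would have caught the "Domain Users inside Domain Admins" misconfiguration on day one is an audit of effective (transitive) group membership rather than of direct members. The directory data below is constructed; in a real environment it would be read from the directory's member/memberOf attributes. The group and user names are illustrative.

```python
# Added example (not from the post): expand nested group membership and
# report broad groups that end up inside privileged groups. Data is constructed.
from collections import deque

# Constructed "member" relationships: group -> direct members (users or groups).
DIRECTORY = {
    "Domain Admins": {"alice", "IT Admins", "Domain Users"},   # the misconfiguration
    "IT Admins": {"bob", "Helpdesk"},
    "Helpdesk": {"carol"},
    "Domain Users": {"alice", "bob", "carol", "dave", "erin"},
}

# Groups whose effective membership should stay small, and groups that
# should never be nested inside them.
PRIVILEGED_GROUPS = {"Domain Admins", "Enterprise Admins", "Schema Admins"}
BROAD_GROUPS = {"Domain Users", "Authenticated Users", "Everyone", "Domain Computers"}


def effective_members(directory, group):
    """Return (users, groups) reachable from `group` through nesting.
    A visited set keeps circular nesting from looping forever."""
    users, groups = set(), set()
    queue = deque([group])
    seen = {group}
    while queue:
        current = queue.popleft()
        for member in directory.get(current, ()):
            if member in directory:          # nested group
                if member not in seen:
                    seen.add(member)
                    groups.add(member)
                    queue.append(member)
            else:                            # leaf principal
                users.add(member)
    return users, groups


def audit_privileged_groups(directory):
    """Findings as (privileged group, broad group nested in it, effective user count).
    The count is the number of accounts that actually hold the privilege."""
    findings = []
    for priv in sorted(PRIVILEGED_GROUPS):
        if priv not in directory:
            continue
        users, groups = effective_members(directory, priv)
        for broad in sorted(groups & BROAD_GROUPS):
            findings.append((priv, broad, len(users)))
    return findings


if __name__ == "__main__":
    for priv, broad, count in audit_privileged_groups(DIRECTORY):
        print(f"{broad!r} is nested in {priv!r}: {count} effective members")
```

Listing direct members of Domain Admins shows three entries and looks harmless; the transitive expansion is what reveals that every domain user is an administrator.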

  14. Someone built 35 AI pentesting agents for Claude Code... and it is honestly insane.

    AD attacks, web exploitation, cloud pentests, malware analysis, reverse engineering, C2 operations, even LLM red teaming, all inside a single framework.

    This is one of the most advanced offensive security AI projects I have seen on GitHub lately.

    🔗 github.com/0xSteph/pentest-ai-

    #CyberSecurity #Pentesting #RedTeam #AI #OSINT

  19. Seven FuelCMS CVEs documented. XSS callbacks now show IP and headers. Website Scanner detects exposed private keys passively. Scheduled scan exports. API risk filtering.

    Also: free scanner for CVE-2026-41940, the cPanel auth bypass exploited for 64 days before a patch existed. No account needed.

    pentest-tools.com/network-vuln

    #infosec #pentesting #vulnerabilitymanagement

  24. Is #kali still what the cool red-teamers are using? I know #parrotos became semi a thing for a while, and I never really knew anything about stuff like #blackarch. I was thinking about trying to go after some #HTB boxes again, even though I struggle with motivation without anyone else working alongside me.

    #askfedi #redteam #pentesting #hackthebox

  27. For those of you working with Android emulators and wondering why Burp isn't proxying anything, but you have everything set up properly (proxy settings, CA cert in system, etc.), make sure wi-fi is disabled in the simulator, i.e. force it to use the "mobile" network.

    It's been too long, and it was a long Sunday when I figured this out. Yes, Wireshark got involved...

    #pentesting #android #forgetwhatyoudonotuseoften

  32. Persistence on Windows

    There are various ways hackers maintain persistence on Windows machines. Here is Part 1. Helpful for both red and blue teams, as we still occasionally see teams struggle to detect these techniques.

    hackers-arise.com/advanced-win
    #cybersecurity #pentesting #windows

  37. 🍵 HTB Sauna Walkthrough 🍵

    Learn how to perform:
    - Username Enumeration
    - AS-REP Roasting
    - BloodHound Enumeration
    - DCSync Attack

    🎬️Watch it here:
    youtube.com/watch?v=WsBBGzcq0nI

    #HTB #HackTheBox #OSCP #Pentesting #EthicalHacking #Cybersecurity #RedTeam #CTF

  39. Day 9 pentesting challenge: Burp Suite beyond the Proxy tab.

    Real workflow chain: Proxy -> spot param -> Repeater to confirm reflection -> Intruder with payload list -> Comparer to diff results.

    Quick IDOR test setup:
    ```http
    GET /api/users/$$ID$$/profile HTTP/1.1
    Authorization: Bearer <low_priv_token>
    ```
    Payload: numbers 1-5000. Sort by response length. 403s cluster at ~90 bytes. Leaked profiles show up at 1200+. The outliers are your findings.

    Community Edition caveat: Intruder is throttled to ~1 req/sec. Keep wordlists under 200 entries or grab coffee.

    #Infosec #Pentesting #Burpsuite #Appsec #Hacking
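An added example, not from this post or from the Day 10 OWASP post earlier in the feed: the order lookup both posts probe, written once without an ownership check (the A01 bug) and once with it, plus a log-side detector for the sequential-ID sweep described above, where one low-privilege session hits many IDs and collects mostly 403s. The session map, order table and access-log lines are constructed; the `/api/orders/<id>` path follows the Day 10 post.

```python
# Added example (not from the posts): IDOR-prone vs ownership-checked handler,
# and a detector for ID enumeration in access logs. All data is constructed.
from collections import defaultdict

# Constructed data: session token -> user, order id -> owning user.
SESSIONS = {"abc123": "userA", "def456": "userB"}
ORDERS = {5000: "userA", 5001: "userB", 5002: "userB"}


def get_order_vulnerable(session, order_id):
    """A01-style bug: the session is authenticated, but the order is returned
    to whoever asks for it. Returns (status, body)."""
    if session not in SESSIONS:
        return 401, None
    if order_id not in ORDERS:
        return 404, None
    return 200, {"id": order_id, "owner": ORDERS[order_id]}


def get_order_hardened(session, order_id):
    """Ownership is derived from the session, never from the request."""
    user = SESSIONS.get(session)
    if user is None:
        return 401, None
    owner = ORDERS.get(order_id)
    if owner is None:
        return 404, None
    if owner != user:
        # 403 here matches the post's observation; answering 404 instead would
        # also hide whether the ID exists at all.
        return 403, None
    return 200, {"id": order_id, "owner": owner}


# Constructed access-log lines in the form "<session> <status> <path>":
# session abc123 sweeps IDs 5000..5005 and is denied on all but its own order.
ACCESS_LOG = """\
abc123 200 /api/orders/5000
abc123 403 /api/orders/5001
abc123 403 /api/orders/5002
abc123 403 /api/orders/5003
abc123 403 /api/orders/5004
abc123 403 /api/orders/5005
def456 200 /api/orders/5001
"""


def flag_id_enumeration(log_text, min_distinct_ids=5, min_denied_ratio=0.8):
    """Sessions that request many distinct order IDs and are mostly denied.
    Thresholds are illustrative and should be tuned per application."""
    ids = defaultdict(set)
    denied = defaultdict(int)
    total = defaultdict(int)
    for line in log_text.splitlines():
        session, status, path = line.split()
        if not path.startswith("/api/orders/"):
            continue
        ids[session].add(path.rsplit("/", 1)[1])
        total[session] += 1
        if status in ("403", "404"):
            denied[session] += 1
    return sorted(s for s in ids
                  if len(ids[s]) >= min_distinct_ids
                  and denied[s] / total[s] >= min_denied_ratio)
```

The response-length clustering the post uses to find leaks from the outside is the same signal a defender sees as a 403 cluster from a single session on the inside; `flag_id_enumeration` turns that cluster into an alert.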

  40. Pentesters often use browser extensions because they keep testing close to the web app—making it easier to inspect cookies, tweak traffic, and catch client-side issues without constantly switching tools.

    Here are useful browser extensions for pentesting 😎👇

    Find high-res pdf ebooks with all my cybersecurity related infographics at study-notes.org

    #pentesting #cybersecurity #hackingtools #learnhacking #ethicalhacker
