7MS #626: Web Pentesting Pastiche 7 Minute Security podcast

Artwork

Tech Tech News Brian Johnson Information Security Security News

Content provided by Brian Johnson. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Brian Johnson or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

7 Minute Security « »
7MS #626: Web Pentesting Pastiche

1M ago 50:10

Share

MP3•Episode home

Content provided by Brian Johnson. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Brian Johnson or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Hey friends, today we’ve got a security milkshake episode about Web app pentesting. Specifically we talk about:

Burp Suite Enterprise
Caido – a lightweight alternative to Burp
wfuzz – Web fuzzer. Using a proxy:wfuzz -c -z file,/usr/share/wfuzz/wordlist/Injections/XSS.txt –sc 200 “https://somedomain.com/shopping?&qty=%2FUZZ” -p 10.0.7.11:8080
KNOXSS – for XSS testing – pairs nicely with this wrapper: https://github.com/xnl-h4ck3r/knoxnl

In the tangent dept, I moan about how I hate some things about Proxmox but am also starting to love it.

In the tangent #2 department, I talk about tinnitus and acupuncture!

… continue reading

630 episodes

#Tech #Tech News #Brian Johnson #Information Security #Security #News

Artwork

7MS #626: Web Pentesting Pastiche

7 Minute Security

28 subscribers

published 1M ago

Share

MP3•Episode home

Content provided by Brian Johnson. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Brian Johnson or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Hey friends, today we’ve got a security milkshake episode about Web app pentesting. Specifically we talk about:

Burp Suite Enterprise
Caido – a lightweight alternative to Burp
wfuzz – Web fuzzer. Using a proxy:wfuzz -c -z file,/usr/share/wfuzz/wordlist/Injections/XSS.txt –sc 200 “https://somedomain.com/shopping?&qty=%2FUZZ” -p 10.0.7.11:8080
KNOXSS – for XSS testing – pairs nicely with this wrapper: https://github.com/xnl-h4ck3r/knoxnl

In the tangent dept, I moan about how I hate some things about Proxmox but am also starting to love it.

In the tangent #2 department, I talk about tinnitus and acupuncture!

… continue reading

630 episodes

#Tech #Tech News #Brian Johnson #Information Security #Security #News

All episodes

×

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

Listen to 500+ topics

Quick Reference Guide

Top Podcasts

The Bill Simmons Podcast

Comedy of the Week

How Did This Get Made?

Doug Loves Movies

TED Talks Daily

NBC Nightly News with Lester Holt

The World This Hour

Daily Boost Motivation and Coaching

This American Life

Sword and Scale

Help/FAQ | Upgrade | Advertise

Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion

Science|Soccer|Sports|Storytelling|Technology|True Crime

Copyright 2024 | Sitemap | Privacy Policy | Terms of Service | | Copyright