![Artwork](/static/images/128pixel.png)
Go offline with the Player FM app!
7MS #626: Web Pentesting Pastiche
Manage episode 421366076 series 2540717
Hey friends, today we’ve got a security milkshake episode about Web app pentesting. Specifically we talk about:
- Burp Suite Enterprise
- Caido – a lightweight alternative to Burp
- wfuzz – Web fuzzer. Using a proxy:wfuzz -c -z file,/usr/share/wfuzz/wordlist/Injections/XSS.txt –sc 200 “https://somedomain.com/shopping?&qty=%2FUZZ” -p 10.0.7.11:8080
- KNOXSS – for XSS testing – pairs nicely with this wrapper: https://github.com/xnl-h4ck3r/knoxnl
In the tangent dept, I moan about how I hate some things about Proxmox but am also starting to love it.
In the tangent #2 department, I talk about tinnitus and acupuncture!
630 episodes
Manage episode 421366076 series 2540717
Hey friends, today we’ve got a security milkshake episode about Web app pentesting. Specifically we talk about:
- Burp Suite Enterprise
- Caido – a lightweight alternative to Burp
- wfuzz – Web fuzzer. Using a proxy:wfuzz -c -z file,/usr/share/wfuzz/wordlist/Injections/XSS.txt –sc 200 “https://somedomain.com/shopping?&qty=%2FUZZ” -p 10.0.7.11:8080
- KNOXSS – for XSS testing – pairs nicely with this wrapper: https://github.com/xnl-h4ck3r/knoxnl
In the tangent dept, I moan about how I hate some things about Proxmox but am also starting to love it.
In the tangent #2 department, I talk about tinnitus and acupuncture!
630 episodes
All episodes
×Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.