Project Discovery – Fuzzing Templates

Project Discovery has many amazing tools and useful repositories. Nuclei is one of the tools used daily, and one of the best template lists for Nuclei usage is Nuclei-Templates. Besides that awesome template collection, there is another repository that could help to find the findings that stay hidden with Nuclei-Templates. According to its description: Fuzzing templates are used with nuclei scanner which powers the actual scanning engine. This repository contains various fuzzing templates for the

Burp Suite Academy: SQL injection vulnerability allowing login bypass

This lab contains a SQL injection vulnerability in the login function. To solve the lab, perform a SQL injection attack that logs in to the application as the administrator user. Click on «My account»: We can see that the request is sent by POST. The value we add to the username field will be included in the request. We’ll use this field directly in the browser to add the payload. We can try the

Feroxbuster – content discovery tool

According to its description: Feroxbuster is a simple, fast, recursive content discovery tool written in Rust. Install ❯ curl -sL | bash -s $HOME/.local/bin Useful options Target selection: Composite settings: Proxy settings: Request settings: Request filters: Response filters: Client settings: Scan settings: Dynamic collection settings: Output settings: Update settings: Usage examples ❯ ./feroxbuster -u -w ~/tools/SecLists/Discovery/Web-Content/raft-medium-directories.txt -s 200

Obsidian – How to detect and delete orphan notes and attachments

One functionality I miss in Obsidian is the possibility that, when you delete a note that includes an attached file and this file is not used in any other note, you automatically have the option to delete that file. This way you wouldn’t have a bunch of files that are not linked to any other note and just consume space in your folders. After searching a bit I’ve found a pair of

The Clipboard Project

The Clipboard Project is an advanced clipboard manager tool for your terminal that provides a seamless way to store and access your copied items, allowing you to manage and organize your clipboard history effortlessly. Install $ curl -sSL | sh Configuration This application has support for multiple languages that will modify the usage of the application itself. Instead $ cb copy fileName for copying a file into the clipboard, if

SSH port forwarding in short

SSH Local port forwarding $ ssh -L username@bastion SSH Reverse port forwarding $ ssh -R local_ip:local_port:target_ip:target_port username@local_ip SSH Dynamic Port Forwarding $ ssh -D username@bastion Useful options and tips in SSH port forwarding sessions -f: This option requests SSH to go into the background just before it executes the command. This is commonly used when you want to set up port forwarding without opening an interactive shell session.

Kali Linux 2023.2 Released

A new version of Kali, 2023.2, was released last week. The new features of this version are: How to update an existing installation: (As described in the Kali blog post) Happy hacking! 😈

How to copy a disk image onto a USB memory

BurpSuite ARM64 on Linux using a Macbook M1 Pro

PortSwigger has at last introduced an ARM64 version of Burp Suite. From now on it should be possible to install it on the new Macbooks. There is no need to keep using that horrible jar version… Let’s try it out. $ chmod +x $ sudo ./ The install path by default will be /opt/BurpSuiteCommunity. Keep enabled the option to create a symlink at /usr/local/bin Once finished my Kali is able to find

Burp Suite Academy – SQL injection vulnerability in WHERE clause allowing retrieval of hidden data

This lab contains a SQL injection vulnerability in the product category filter. When the user selects a category, the application carries out a SQL query like the following: SELECT * FROM products WHERE category = 'Gifts' AND released = 1 To solve the lab, perform a SQL injection attack that causes the application to display details of all products in any category, both released and unreleased. As the vulnerability is