Blog

All pen testers use the Burp suite at some point, but few really exploit it to its full potential. One of the most extraordinary features of Burp is the ability to write your own custom handler. [...]

This is the second entry about the smart card track at NorthSec 2013, if you missed the first one, read it here. According to the track instructions, the second flag was the current PIN and they [...]

I want to post in this blog what I did at NorthSec 2013 which is a hacking competition that took place in Montreal in April 2013 (www.nsec.io). It is a 3 day event, so I’ll use multiple [...]

When performing penetration testing, sqlmap can be used to have a granular control of the various injection points during a SQL injection. For example, the HTTP Cookie header, the HTTP Referer [...]