For those less versed in web applications and how they’ve evolved, I wrote a sort of prologue to this post back in April 2018, titled A Brief Evolution of Web Apps. This is the first in a three-part series, Three C-Words of Web Application Security. This one will deal with CORS, while the next will …
Three C-Words of Web App Security: Part 1 – CORS Read More »
Often, one of the main goals of a pen tester is to get Domain Admin (DA) rights in a client’s Windows network. But why do we want to get that level of access? For some, it may just be the satisfaction of navigating far enough to compromise the DA account. But, in reality, gaining DA …
Welcome to the 5th blog on Burp Suite, and Happy 4th of July! Please visit Secure Ideas’ previous blogs on using Burp Suite at the following links: Part 1: Burp Repeater Part 2: Introducing Burp Correlator Part 3: Running Burp on a Mac Part 4: Burp-suite-continuing-the-saga As in previous articles, we will be using the …