Blog

BurpSuite 30 Pro Tips

[1/30] As promised! #BrupSuiteTips #infoSec #pentesting #bugbountytips Instead of using many tools to do multiple level of encoding or string manipulation. You can do all of that and MORE using #Hackvertor extension by @garethheyes in just a couple of clicks! pic.twitter.com/40aUCnaIup— B1twis3 | Preparing for OSEE (@fasthm00) February 14, 2020 [clip-2] pic.twitter.com/wy8dDnF062— B1twis3 | Preparing…


JWT Exfiltration Optimization & Blind MySQLi

Introduction It was a bloody rainy day in the mid of 2013, when my teacher went over the term “Big O Notation” during the data structure class, back then at LIU university in Lebanon. I didn’t know that I’d use it in my career, and I haven’t had the guts to use it then. Big…


The State of OSWE

Introduction This document is intended as a resource for those who want to conduct white-box pen-testing engagement or who’re preparing for Offensive Security Web Expert (OSWE) exam. After reading this recipe, you should understand what is required to be successful at the white-box pen-testing process and to hopefully pass the OSWE exam. Intentions The intent…