I have been working on some Docker images for some fun and to expand on my coding knowledge, particularly assembler. The details are as follows:

* The repo is r1cs3c
*…

Introduction

This short blog will introduce Buffer Overflows, one of the most common vulnerabilities reported for the last 21 years[1] since the Common Vulnerabilities and Exposures database/site (CVE) was launched. To provide a little bit of context, let's go over some CVE trivia. The second-ever reported vulnerability recorded in the CVE…

Intro

A quick guide on how to use the regex features of FoxyProxy to save you valuable time and space during a pentest.

What is FoxyProxy

FoxyProxy is a Chrome/Firefox add-on that allows you to configure multiple proxies and use wildcards/regex to implement a complex variety of proxy rules, giving you full control over how your traffic is managed between your browser and Burp.

FoxyProxy basics

For the basics on how to use FoxyProxy, please go to https://help.getfoxyproxy.org/index.php/knowledge-base/how-to-use-your-proxy-service-with-firefox-and-foxyproxy-extension/; this should get you up and running in no time.

FoxyProxy URL Patterns guide: mostly wildcards with some regex guidance https://help.getfoxyproxy.org/index.php/knowledge-base/url-patterns/

FoxyProxy Regex Cheat Sheet.

Any regex can be used here 😊. To help learn regex, I would recommend https://regex101.com/

Hope it helps

Ric (@r1cs3c)

Thought I would share with you guys a “tip of the day or month”. To share the Burp extensions/apps between Linux machines (Kali in my case) or users within the same machine, simply copy the source user’s “.BurpSuite” folder, located in the user’s home folder, across to the destination user’s home folder (it is user independent, so it doesn’t need to have the same name). Please ensure the source user’s home folder belongs to the same user that you open Burp with; I say this because I use multiple users for pen testing/bug hunting.

Hope it helps.

Ric Campo

Pentester, BugHunter and wannabe researcher. Love Sec #pentest #bugbounty 😀 All opinions expressed are my own!👍 #infosec #pentesting
