Exploiting GraphQL Secondary Context Attacks
Misconfigured GraphQL implementations can allow for attackers to bypass authorization and access internal APIs. These "secondary context attacks" exploit the gap between GraphQL&
Pulling Specific Files from the Trickest Inventory (or any Github project)
The @trickest [https://twitter.com/trick3st] Inventory project
[https://github.com/trickest/inventory] is an interesting resource. It has a
massive set of hostnames, live
🎉 burpsuite-project-file-parser v1.1 🎉
Edit: 1.1b fixes an auto shutdown issue in burpsuite, I would highly recommend
this release over 1.1a. The rest of the post still
Building on an AppSec Pipeline with Burp Suite data - Part 2
In this two part series we are going to take Burp Suite Project files as input
from the command line, parse them, and then feed
Building on an AppSec Pipeline with Burp Suite data - Part 1
In this two part series we are going to take Burp Suite Project files as input
from the command line, parse them, and then feed