Willis Vandevanter

Aug 26, 2022 automation

Pulling Specific Files from the Trickest Inventory (or any Github project)

The @trickest [https://twitter.com/trick3st] Inventory project [https://github.com/trickest/inventory] is an interesting resource. It has a massive set of hostnames, live

Jul 21, 2022 burpsuite-project-parser automation

🎉 burpsuite-project-file-parser v1.1 🎉

Edit: 1.1b fixes an auto shutdown issue in burpsuite, I would highly recommend this release over 1.1a. The rest of the post still

Jun 17, 2022 burpsuite-project-parser automation

Building on an AppSec Pipeline with Burp Suite data - Part 2

In this two part series we are going to take Burp Suite Project files as input from the command line, parse them, and then feed

Jun 8, 2022 burpsuite-project-parser automation

Building on an AppSec Pipeline with Burp Suite data - Part 1

In this two part series we are going to take Burp Suite Project files as input from the command line, parse them, and then feed

Feb 5, 2019 ssrf protocol smuggling

SSRF Protocol Smuggling in Plaintext Credential Handlers : LDAP

SSRF protocol smuggling involves an attacker injecting one TCP protocol into a dissimilar TCP protocol. A classic example is using gopher (i.e. the first