Austin Altmann
May 14th, 2020

Introduction to Hacking Thick Clients: Part 2 – The Network

Introduction to Hacking Thick Clients is a series of blog posts that will outline many of the tools and methodologies used when performing thick client security assessments. In conjunction with these posts, NetSPI has released two vulnerable thick clients: BetaFast, a premier Betamax movie rental service, and Beta Bank, a premier finance application for the […]

Will Strei
August 7th, 2018

Introducing Burp Extractor

The Problem With Tokens and Scanning: Burp Suite’s cookie jar is an incredibly handy tool that makes a penetration tester’s life much easier in many situations. It makes for a no-hassle way to reissue requests in Repeater as a different user, scan requests which were originally issued in a previous session, and other fun […]

Jake Reynolds
September 26th, 2017

DNS Tunneling with Burp Collaborator

DNS tunneling, in my opinion, is the niftiest data exfiltration method there is. For those not familiar, check out Section 3 from SANS’s “Detecting DNS Tunneling” whitepaper here. Our Mobile Application Practice Lead, Aaron Yaeger, recently taught me how easy it is to use Burp Collaborator for DNS tunneling. Exfiltrating data like that was a bit […]

Jake Reynolds
May 16th, 2017

Beautifying JSON in Burp

Most penetration testers know the pain of trying to view and modify an unparsed JSON string. This Burp extension removes that burden and allows live editing of beautified JSON strings.

Ken Johnson
February 14th, 2017

Attacking JavaScript Web Service Proxies with Burp

JavaScript Web Service Proxies are an alternative to WSDL (Web Services Description Language) files for interacting with WCF Web Services. The proxy files function as a description of the web service methods, exposing the available service methods as well as their parameters. JavaScript Service Proxies, or JSWS (JavaScript Web Services) as I will be calling […]

Eric Gruber
March 2nd, 2016

Java Deserialization Attacks with Burp

The recent Java deserialization attack that was discovered has provided a large window of opportunity for penetration testers to gain access to the underlying…

Eric Gruber
May 26th, 2015

Debugging Burp Extensions

Burp is a very useful tool for just about any type of testing that involves HTTP. What makes it even better is the extension support that it offers. People can complement the features that Burp has to offer with their own extensions to create a very powerful, well-rounded application testing tool that is tailored to their […]

Karl Fosaaen
March 18th, 2013

Hacking High Scores in iOS GameCenter

I recently wrote a blog post about cracking email hashes from the iOS GameCenter application. During my research on the issue, I noticed that there were a number of games where users had insanely high scores. Lots of the users also had the exact same score (9,223,372,036,844,775,807) for each of the games that they played. Coincidentally this number […]

Eric Gruber
March 5th, 2013

Hacking Web Services with Burp

WSDL (Web Services Description Language) files are XML formatted descriptions about the operations of web services between clients and servers. They contain possible requests along with the parameters an application uses to communicate with a web service. This is great for penetration testers because we can test and manipulate web services all we want using […]