{"id":"9d50b75f-be4e-4474-a55c-1283b776215f","slug":"7ms-626-web-pentesting-pastiche-dd6hNx6bxN5","title":"7MS #626: Web Pentesting Pastiche","publishdate":"2024-05-31T19:54:00.000Z","description":"

Hey friends, today we’ve got a security milkshake episode about Web app pentesting. Specifically we talk about:

Burp Suite Enterprise
Caido – a lightweight alternative to Burp
wfuzz – Web fuzzer. Using a proxy:wfuzz -c -z file,/usr/share/wfuzz/wordlist/Injections/XSS.txt –sc 200 “https://somedomain.com/shopping?&qty=%2FUZZ” -p 10.0.7.11:8080
KNOXSS – for XSS testing – pairs nicely with this wrapper: https://github.com/xnl-h4ck3r/knoxnl

In the tangent dept, I moan about how I hate some things about Proxmox but am also starting to love it.

In the tangent #2 department, I talk about tinnitus and acupuncture!

","featured":false,"streamurl":"https://traffic.libsyn.com/secure/7minsec/7MS-626-Web_Pentesting_Pastiche.mp3?dest-id=1921835","spotifyEpisodeId":null,"podcastId":"94543030-14b8-49a4-8e7f-f4a8ddf03347","podcastSlug":"7-minute-security","podcastTitle":"7 Minute Security","thumbnailName":null,"itunesImageUrl":"https://is1-ssl.mzstatic.com/image/thumb/Podcasts126/v4/5a/6c/03/5a6c039c-d004-8b78-69c5-b715699d6ee3/mza_6307985816488870963.png","imageName":"7-minute-security-n4bBCRj0Lo"}

Categorías: