Burp Suite

Adventures in LDAP Injection: Exploiting and Fixing

Every pen tester looks forward to that next encounter that includes one of those uncommon vulnerabilities that ultimately result in an exciting session of exploration and learning.  During a recent web penetration test I ran across one of these rare gems when I started seeing some odd behavior on a forgot password form.  In this …

Adventures in LDAP Injection: Exploiting and FixingRead More »

Professionally Evil Web Penetration Testing Class

Ever thought about being able to test the security of your web applications? Wanted to know how the Professionally Evil hack web services and applications?  Interested in upgrading your skills around attacking modern web applications? Well now you have your chance! Secure Ideas is excited to announce the latest in our course offerings.  We will be …

Professionally Evil Web Penetration Testing ClassRead More »

Professionally Evil Training: Advanced Tactical Burp Webinar

Secure Ideas is excited to announce its latest upcoming online training.  We will be offering a two-hour session exploring advanced topics related to Burp Suite and its use in a web application penetration test.  Kevin Johnson and James Jardine will explore the various features of Burp Suite, focusing on how we use the system during our penetration …

Professionally Evil Training: Advanced Tactical Burp WebinarRead More »

Professionally Evil Training: Tactical Burp Suite Webinar

Tactical Burp Suite Webinar Secure Ideas is excited to announce its latest upcoming online training.  We will be offering a two-hour session exploring Burp Suite and its use in a web application penetration test.  Kevin Johnson and James Jardine will explore the various features of Burp Suite, focused on how we use the system during …

Professionally Evil Training: Tactical Burp Suite WebinarRead More »

Burp Co2 Update v0.5 adds a Name Mangler module!

I’m excited to announce another addition to the Burp Co2 extension bundle in v0.5 of Burp Co2 (download):  The “Name Mangler”. Ever found yourself working on a web pen test for an organization where you have gathered a list of users and suspect a username harvesting vulnerability but have not yet worked out the username format …

Burp Co2 Update v0.5 adds a Name Mangler module!Read More »

Announcing Burp Co2!

This is for those of you who do web pen testing with Portswigger’s Burp proxy tool!  Over the past couple of months I have been using my Java skills and “free time” (lol) to build a collection of Burp extensions that have been dubbed “Co2”. Included in this version are a few useful modules.  The …

Announcing Burp Co2!Read More »

Scroll to Top