Menu

Close
  • Home
  • Blog Posts
Subscribe
Red Canari Security Blog Menu

penetration testing

A 4-post collection

Page 1 of 1

9447 CTF Recon 1 & 2 Writeups

Last weekend I was lucky enough to play with the talented Montreal-based capture-the-flag (CTF) team DCIETS in the 9447 online CTF event. For those of you »

Nadeem Douba Nadeem Douba on hacking, penetration testing, web penetration testing, ctf, recon, osint 30 November 2015

5 Important Questions to Ask Your Next Penetration Tester

One of our biggest frustrations we have in our industry is coming across organizations that have been taken advantage of by former security contractors. The biggest »

Nadeem Douba Nadeem Douba on penetration testing, market evaluation, security 26 October 2015

Blind Error-based SQL Injection with NULLIF()

The other day I found an interesting way to use error-/boolean-based SQL injection, blindly, to exfiltrate database artifacts. What do I mean by that? Well, »

Nadeem Douba Nadeem Douba on sqli, web penetration testing, penetration testing, hacking 24 September 2015

Using Groovy in BurpSuite with BurpKit

In August of 2015, I released a tool at DEFCON 23 called BurpKit. BurpKit is a plugin for the de-facto web penetration testing tool, BurpSuite. It »

Nadeem Douba Nadeem Douba on burpkit, penetration testing, web penetration testing, security, tools, infosec, burpsuite 24 September 2015
Page 1 of 1
Red Canari Security Blog © 2019
Proudly published with Ghost