September 27, 2019
如何使用 Collaborator Everywhere <!–more–> 使用方法 https://github.com/PortSwigger/collaborator-everywhere 注意,要现在 scope 中设置范围, collaborator-everywhere 之后才会工作,且只对范围内的请求,修改/添加 HTTP 请求头。 捕获到的请求 GET /wp-content/uploads/2018/05/138-140FP91001-1024×640.jpg HTTP/1.1 Host: wp.blkstone.me User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 root@hvgwzou2c52d11kl8cd4nr16yx4r8fx.burpcollaborator.net Accept: image/webp,*/* Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate Connection: close Referer: http://3gkikafoxrnzmn57tyyq8dmsjjpdn1c.burpcollaborator.net/ref If-Modified-Since: Sat, 19 May 2018 09:49:59 GMT If-None-Match: "19f18-56c8bfdde1fc0" Cache-Control: no-transform X-Wap-Profile: […]
April 20, 2019
Burp Suite Logger++ 常见过滤器规则汇总
March 15, 2019
Burp Scanner DOM-based XSS issue
January 29, 2019
Burp Suite: Turbo Intruder 基本使用
January 19, 2019
Burp Suite 导入客户端证书 | Burp Suite: Import Client Certificate
January 14, 2019
Burp 插件: Tomcat JSESSIONID 随机生成器
January 11, 2019
Burp Suite 拦截 HTTPS 出现 handshake alert unrecognized_name 问题的处理