Neurohazard
暮雲煙月,皓首窮經;森羅萬象,如是我聞。

如何使用 Collaborator Everywhere

September 27, 2019

如何使用 Collaborator Everywhere

如何使用 Collaborator Everywhere <!–more–> 使用方法 https://github.com/PortSwigger/collaborator-everywhere 注意,要现在 scope 中设置范围, collaborator-everywhere 之后才会工作,且只对范围内的请求,修改/添加 HTTP 请求头。 捕获到的请求 GET /wp-content/uploads/2018/05/138-140FP91001-1024×640.jpg HTTP/1.1 Host: wp.blkstone.me User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 root@hvgwzou2c52d11kl8cd4nr16yx4r8fx.burpcollaborator.net Accept: image/webp,*/* Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate Connection: close Referer: http://3gkikafoxrnzmn57tyyq8dmsjjpdn1c.burpcollaborator.net/ref If-Modified-Since: Sat, 19 May 2018 09:49:59 GMT If-None-Match: "19f18-56c8bfdde1fc0" Cache-Control: no-transform X-Wap-Profile: […]

September 4, 2019

【中通安全开源项目】越权漏洞自动化检测工具

【中通安全开源项目】越权漏洞自动化检测工具

August 30, 2019

Burp Suite 被动扫描辅助插件

Burp Suite 被动扫描辅助插件

April 22, 2019

Burp Suite 高级目标范围控制

Burp Suite 高级目标范围控制

April 20, 2019

Burp Suite Logger++ 常见过滤器规则汇总

Burp Suite Logger++ 常见过滤器规则汇总

March 15, 2019

Burp Scanner DOM-based XSS issue

Burp Scanner DOM-based XSS issue

January 19, 2019

Burp Suite 导入客户端 SSL 证书

Burp Suite 导入客户端证书 | Burp Suite: Import Client Certificate

January 14, 2019

Burp 插件: Tomcat JSESSIONID 随机生成器

Burp 插件: Tomcat JSESSIONID 随机生成器

January 11, 2019

Burp Suite 拦截 HTTPS 出现 handshake alert unrecognized_name 问题的处理

Burp Suite 拦截 HTTPS 出现 handshake alert unrecognized_name 问题的处理

November 21, 2018

Burp Suite Active Scanner XML issue payload

Burp Active Scanner XML issue payload