Here's a long thread complementing my interview with @NahamSec. Feel free to skip it...
First, of course, a link to the interview: https://www.youtube.com/watch?v=U0bPPw6uPgY
Books I cherished in the early days: "Building Internet Firewalls" and "The Web Application Hacker's Handbook"
What I consider a very good talk: Unicode research by @h3xstream at @northsec_io 2020 https://gosecure.github.io/presentations/2020-05-unicode-northsec/unicode_v3_northsec.pdf
English-speaking video of my 2015 talk on SSRF (the one which changed Naffy's view on hacking): https://www.youtube.com/watch?v=8t5-A4ASTIU
And a French version of the same talk (with more jokes!!), given at @hackfest_ca https://www.youtube.com/watch?v=TrBUrVDlc20
How to select a subject: try dozens of them (for example on @WebSecAcademy labs) and keep the ones that really got you intellectually excited
How to reach the (public) "state of the art": select a subject, read/watch all the good stuff on it, replicate at home, then battle-test your skills on real targets
How to find innovative stuff: reach the state of the art and continue exploring (possibly because known techniques don't work on your targets), either in depth or in width
One of my first workshops on Burp Suite (2013 - in French - image quality is awful) https://www.youtube.com/watch?v=BD3aTpMfoBc
My latest blog post on Burp Suite: how to deal with CSRF tokens in Intruder, without macros https://www.agarri.fr/blog/archives/2020/01/13/intruder_and_csrf-protected_form_without_macros/index.html
An older blog entry, where I exploit a blind XSS with only Burp Suite https://www.agarri.fr/blog/archives/2017/04/04/exploiting_a_blind_xss_using_burp_suite/index.html
Last one: exploiting WPAD with Burp Suite and a custom extension, for example during internal pentests https://www.agarri.fr/blog/archives/2013/10/22/exploiting_wpad_with_burp_suite_and_the_http_injector_extension/index.html
Burp Suite extensions I recommend (in no specific order): AutoRepeater, Content Type Converter, Param Miner, Request Minimizer, Backslash Powered Scanner, ActiveScan++, Taborator, Paramalyzer, Upload Scanner, Hackvertor, Piper, Request Timer, Logger++, Add Custom Header
One way to optimize your Burp Suite workflow: learn keyboard shortcuts and combine them (any idea what Ctrl-R + Ctrl-Shift-R + Control-Space will do?)
A second way, shortening feedback loops: use macros and session handling rules to automate common scenarios, like injecting in page A and looking at the response of page B
My favorite French expression is "La putain de sa mère !"
One single piece of advice for newcomers and future hackers: you have only one reputation. Take care of it, that will maximize your opportunities.
I'll give an online Burp Suite Pro training in early August, with my great assistant @AbyXss https://ringzer0.training/mastering-burp-suite-pro.html
My "HTTP Traceroute" tool and research from 2011 (apparently still useful, according to the stream's chat) https://www.agarri.fr/blog/archives/2011/11/12/traceroute-like_http_scanner/index.html
Quoting myself: "In order to do new research, you don't need a new subject!"
That's all folks! #TheEnd
You can follow @Agarri_FR.