Leveraging ffuf for Timing Attacks: Practical Workflow and Burp Integration
A concise, actionable guide to performing timing attacks using ffuf, including filtering response times, troubleshooting, and utilizing Burp requests for precision testing. Continue readingGolden Ticket Attack: Exploiting Kerberos from Linux
Explore how to execute a full Golden Ticket attack on Active Directory using Linux tools. Includes practical, field-proven Impacket command examples and focuses on technical accuracy for red team and security professionals. Continue readingUsing Burp with Containers In Docker
Making Docker Containers Trust Burp Suite’s CA for Testing
When testing applications running inside Docker containers, intercepting traffic with Burp Suite can be challenging because containers don’t automatically trust Burp’s CA certificate. Without trust, HTTPS requests from inside the container will fail with certificate errors.
In this post, I’ll show you how to:
- Add Burp Suite’s CA to your host system
- Pass the trusted CA to Docker containers
- Ensure seamless HTTPS traffic interception for testing
Let’s get started!
Continue reading