/categories/web-security/ Recent content in Web Security on Amit Agarwal Linux Blog Hugo -- gohugo.io en Mon, 23 Mar 2026 00:00:00 +0530 /2026/03/23/2026-03-23-ffuf_timing_attack/ Mon, 23 Mar 2026 00:00:00 +0530 /2026/03/23/2026-03-23-ffuf_timing_attack/ A concise, actionable guide to performing timing attacks using ffuf, including filtering response times, troubleshooting, and utilizing Burp requests for precision testing. /2025/02/08/2025-02-08-UsingBurpwithContainersInDocker/ Sat, 08 Feb 2025 00:00:00 +0530 /2025/02/08/2025-02-08-UsingBurpwithContainersInDocker/ <h1 id="making-docker-containers-trust-burp-suites-ca-for-testing">Making Docker Containers Trust Burp Suite&rsquo;s CA for Testing</h1> <p>When testing applications running inside Docker containers, intercepting traffic with Burp Suite can be challenging because containers don’t automatically trust Burp’s CA certificate. Without trust, HTTPS requests from inside the container will fail with certificate errors.</p> <p>In this post, I’ll show you how to:</p> <ol> <li>Add Burp Suite’s CA to your host system</li> <li>Pass the trusted CA to Docker containers</li> <li>Ensure seamless HTTPS traffic interception for testing</li> </ol> <p>Let’s get started!</p>