Analyzing Microsoft’s NBNS and BOOTP Protocols with Wireshark for Red Teaming

Analyzing Microsoft’s NBNS and BOOTP Protocols with Wireshark for Red Teaming

In this article, we’ll dive into the functionalities of Wireshark, a powerful network protocol analyzer for network packet sniffing. We’ll focus on two key services: Microsoft’s NBNS (NetBIOS Name Service) and BOOTP (Bootstrap Protocol). We’ll show you how you can use them when you perform your Red Team engagements, particularly for Internal Pentesting or Local Network enumeration techniques, taking advantage of such vulnerable components by design that can be forgotten.

read more
Deep Dive to Fuzzing for Maximum Impact

Deep Dive to Fuzzing for Maximum Impact

In this article, we’ll explore the practice of fuzzing, a potent software testing technique. We’ll discuss about tools for fuzzing how it can be applied to both web applications and software applications, breaking down its use in each scenario. We’ll explain also the role of wordlists and generation tools in tailoring inputs.

read more
Maximizing IDOR Detection with Burp Suite’s Autorize

Maximizing IDOR Detection with Burp Suite’s Autorize

This article aims to enhance your ability to detect IDOR vulnerabilities more efficiently and take your discovery process to the next level. Additionally, you will learn how to utilize Autorize, a powerful Burp Suite extension that streamlines the testing process for access control vulnerabilities in web apps.

read more