Here's a long thread complementing my interview with @NahamSec. Feel free to skip it...

First, of course, a link to the interview  https://www.youtube.com/watch?v=U0bPPw6uPgY 

Books I cherished in the early days: "Building Internet Firewalls" and "The Web Application Hacker's Handbook"

What I consider a very good talk: Unicode research by @h3xstream at @northsec_io 2020  https://gosecure.github.io/presentations/2020-05-unicode-northsec/unicode_v3_northsec.pdf 

English-speaking video of my 2015 talk on SSRF (the one which changed Naffy's view on hacking):  https://www.youtube.com/watch?v=8t5-A4ASTIU 

And a French version of the same talk (with more jokes!!), given at @hackfest_ca  https://www.youtube.com/watch?v=TrBUrVDlc20 

How to select a subject: try dozens of them (for example on @WebSecAcademy labs) and keep the ones that really got you intellectually excited

How to reach the (public) "state of the art": select a subject, read/watch all the good stuff on it, replicate at home, then battle-test your skills on real targets

How to find innovative stuff: reach the state of the art and continue exploring (possibly because known techniques don't work on your targets), either in depth or in width

Cf @NahamSec and @daeken research on PDF generators  https://docs.google.com/presentation/d/1JdIjHHPsFSgLbaJcHmMkE904jmwPM4xdhEuwhy2ebvo/edit 

Another example with @orange_8361 research on abusing URL parsers  https://www.blackhat.com/docs/us-17/thursday/us-17-Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf 

One of my first workshops on Burp Suite (2013 - in French - image quality is awful)  https://www.youtube.com/watch?v=BD3aTpMfoBc 

My latest blog post on Burp Suite: how to deal with CSRF tokens in Intruder, without macros  https://www.agarri.fr/blog/archives/2020/01/13/intruder_and_csrf-protected_form_without_macros/index.html 

An older blog entry, where I exploit a blind XSS with only Burp Suite  https://www.agarri.fr/blog/archives/2017/04/04/exploiting_a_blind_xss_using_burp_suite/index.html 

Last one: exploiting WPAD with Burp Suite and a custom extension, for example during internal pentests  https://www.agarri.fr/blog/archives/2013/10/22/exploiting_wpad_with_burp_suite_and_the_http_injector_extension/index.html 

Burp Suite extensions I recommend (in no specific order): AutoRepeater, Content Type Converter, Param Miner, Request Minimizer, Backslash Powered Scanner, ActiveScan++, Taborator, Paramalyzer, Upload Scanner, Hackvertor, Piper, Request Timer, Logger++, Add Custom Header

One way to optimize your Burp Suite workflow: learn keyboard shortcuts and combine them (any idea what Ctrl-R + Ctrl-Shift-R + Control-Space will do?)

A second way, shortening feedback loops: use macros and session handling rules to automate common scenarios, like injecting in page A and looking at the response of page B

Knowing how to program is super useful. Here's a basic Bash script, used to download videos from Twitter  https://gist.github.com/ngregoire/43891d80fde3c6cbb1a52a5a6468fe41 

My favorite French expression is "La putain de sa mère !"

One single piece of advice for newcomers and future hackers: you have only one reputation. Take care of it, that will maximize your opportunities.

Recent example: long-read on @MalwareTechBlog at Wired  https://www.wired.com/story/confessions-marcus-hutchins-hacker-who-saved-the-internet/ 

I'll give an online Burp Suite Pro training in early August, with my great assistant @AbyXss  https://ringzer0.training/mastering-burp-suite-pro.html 

My "HTTP Traceroute" tool and research from 2011 (apparently still useful, according to the stream's chat)  https://www.agarri.fr/blog/archives/2011/11/12/traceroute-like_http_scanner/index.html 

Quoting myself: "In order to do new research, you don't need a new subject!"

That's all folks! #TheEnd


You can follow @Agarri_FR.


