Nicolas Grégoire
@Agarri_FR: Web hacker and Burp Suite Pro trainer. Refer to for trainings. Follow @MasteringBurp for free tips and tricks. May 23, 2020

Here's a long thread complementing my interview with @NahamSec. Feel free to skip it...

First, of course, a link to the interview 

Books I cherished in the early days: "Building Internet Firewalls" and "The Web Application Hacker's Handbook"

What I consider a very good talk: Unicode research by @h3xstream at @northsec_io 2020 

English-speaking video of my 2015 talk on SSRF (the one which changed Naffy's view on hacking): 

And a French version of the same talk (with more jokes!!), given at @hackfest_ca 

How to select a subject: try dozens of them (for example on @WebSecAcademy labs) and keep the ones that really got you intellectually excited

How to reach the (public) "state of the art": select a subject, read/watch all the good stuff on it, replicate at home, then battle-test your skills on real targets

How to find innovative stuff: reach the state of the art and continue exploring (possibly because known techniques don't work on your targets), either in depth or in width

Cf @NahamSec and @daeken research on PDF generators 

Another example with @orange_8361 research on abusing URL parsers 

One of my first workshops on Burp Suite (2013 - in French - image quality is awful) 

My latest blog post on Burp Suite: how to deal with CSRF tokens in Intruder, without macros 

An older blog entry, where I exploit a blind XSS with only Burp Suite 

Last one: exploiting WPAD with Burp Suite and a custom extension, for example during internal pentests 

Burp Suite extensions I recommend (in no specific order): AutoRepeater, Content Type Converter, Param Miner, Request Minimizer, Backslash Powered Scanner, ActiveScan++, Taborator, Paramalyzer, Upload Scanner, Hackvertor, Piper, Request Timer, Logger++, Add Custom Header

One way to optimize your Burp Suite workflow: learn keyboard shortcuts and combine them (any idea what Ctrl-R + Ctrl-Shift-R + Control-Space will do?)

A second way, shortening feedback loops: use macros and session handling rules to automate common scenarios, like injecting in page A and looking at the response of page B

Knowing how to program is super useful. Here's a basic Bash script, used to download videos from Twitter 

My favorite French expression is "La putain de sa mère !"

One single piece of advice for newcomers and future hackers: you have only one reputation. Take care of it, that will maximize your opportunities.

Recent example: long-read on @MalwareTechBlog at Wired 

I'll give an online Burp Suite Pro training in early August, with my great assistant @AbyXss 

My "HTTP Traceroute" tool and research from 2011 (apparently still useful, according to the stream's chat) 

Quoting myself: "In order to do new research, you don't need a new subject!"

That's all folks! #TheEnd
