HAHWUL

HAHWUL

Security engineer, Developer and H4cker

Cullinun

Cullinan

Cullinan is wiki of offensive security

Phoenix

Phoenix

Phoenix is online tools for me

OWASP Amass - DNS Enum/Network Mapping

OWASP Amass는 OWASP에서 go로 만든 DNS Enum, Network Mapping 도구이자 Project입니다.Recon, OSINT...

Burp collaborator 인증서 에러 해결하기(certificate error solution)

Burp를 쓰다보면 간혹 이런 에러를 만날 수 있습니다. (하필 중요한 콜라보레이터에서 ㅜㅜ)The Burp Collaborator server u...

Burp suite pro 구매기(for korean, 개인 증명 관련 문제 처리방법?)

음.. 개인적인 분석 환경을 이야기하자면회사에선 Burp pro + ZAP개인으론 ZAP + Burp CE였습니다.물론 burp pro~ent가 좋...

Bypass blank,slash filter for XSS to simple trick (double-double ")

Hi, hackers.The XSS pattern I’m going to talk to you about today… but It’s not a n...

HTTP Desync Attack 에 대해 알아보자(HTTP Smuggling attack re-born, +My case)

Today’s content is Korean content for HTTP Desync Attacks. Based on the link below...

onload*(start/end) event handler XSS(Any browser)

Hi hackers.Last time I wrote about onpointer * xss, I write a not well-known even...

onpoint* XSS Payload for bypass blacklist base event-handler xss filter

Hi hackers.I crafted XSS payloads for bypass event handler protection. it is just ...

JSONP Hijacking

Hi hackers. It’s a long time I didn’t write blog post.I found JSONP Hijacking a no...

Event handler for mobile used in XSS (ontouch*)

Some event handlers do not appear in the OWASP list.It is a touch event like ontou...