Hi๐Ÿ‘‹๐Ÿผ Iโ€™m HAHWUL.

Offensive Security Engineer, Rubyist/Crystalist/Gopher and H4cker

Posts - Page 30 of 86

Jekyll์— Utterances, Giscus ๋Œ“๊ธ€ ์ ์šฉํ•˜๊ธฐ

  • 2 min read

์ตœ๊ทผ์— ๋ธ”๋กœ๊ทธ๋ฅผ blogger์—์„œ github page๋กœ ์˜ฎ๊ธฐ๋ฉด์„œ ๋Œ“๊ธ€์„ ์ž‘์„ฑํ•  ์ˆ˜ ์žˆ๋Š” ํ™˜๊ฒฝ์ด ์‚ฌ๋ผ์กŒ์Šต๋‹ˆ๋‹ค. Jekyll์—์„œ ๋งŽ์ด๋“ค ์‚ฌ์šฉํ•˜์‹œ๋Š” Disqus์˜ ๊ฒฝ์šฐ ๊ฐœ์ธ์ ์œผ๋กœ ๊ด‘๊ณ  ์ด์Šˆ๋•Œ๋ฌธ์— ์ข‹์•„ํ•˜์ง€ ์•Š๊ธฐ ๋•Œ๋ฌธ์— ๋Œ“๊ธ€ ์„œ๋น„์Šค๋ฅผ ๋‹ค์‹œ ์ฐพ์•„๋ดค๊ณ , github issue ๊ธฐ๋ฐ˜์˜ ๋Œ“๊ธ€ ์„œ๋น„์Šค์ธ Utterances๋ฅผ ์•Œ๊ฒŒ ๋˜์—ˆ์Šต๋‹ˆ๋‹ค.

Read More

How to add custom header in ZAP and zap-cli

  • 3 min read

The zap-cli is a tool that helps make ZAP easy to use on the command line. From simple scanning to CI/CD Pipeline, itโ€™s a tool thatโ€™s used everywhere. Unlike other scanners, it does not support custom headers.

Read More

NMAP CheatSheet

  • 2 min read

Cullinan(Wiki) ํ”„๋กœ์ ํŠธ๋ฅผ ์ง„ํ–‰ํ•˜๋ฉด์„œ Cullinan - Nmap์— ๋‹ค์‹œ ์ •๋ฆฌํ•ด๋‘์—ˆ์Šต๋‹ˆ๋‹ค. ํ•ด๋‹น ํŽ˜์ด์ง€๊ฐ€ ์ตœ์‹ ์ด๋‹ˆ ์ฐธ๊ณ  ๋ถ€ํƒ๋“œ๋ ค์š” ๐Ÿ˜Ž

Read More

One custom certificate, Using all tools and your devices (for bug bounty/pentesting)

  • 5 min read

์ €๋Š” Burp pro / ZAP / Cli base proxy 3๊ฐ€์ง€ ๋ชจ๋‘๋ฅผ ์‚ฌ์šฉํ•ฉ๋‹ˆ๋‹ค. ๋‹จ์ˆœํžˆ ์›น๋งŒ ํ…Œ์ŠคํŒ…ํ•  ๋• ํฌ๊ฒŒ ์™€๋‹ฟ์ง€ ์•Š์ง€๋งŒ, ๋ชจ๋ฐ”์ผ์„ ํ…Œ์ŠคํŠธํ•  ๋• ์ธ์ฆ์„œ๊ฐ€ ์ƒ๋‹นํžˆ ๊ท€์ฐฎ์Šต๋‹ˆ๋‹ค. (ํŠนํžˆ ์ž„์‹œ๋กœ ์‚ฌ์šฉํ•˜๋Š” ํฐ๋“ค์€..)

Read More

E-mail ํฌ๋งท์„ ์ด์šฉํ•œ ์—ฌ๋Ÿฌ๊ฐ€์ง€ Exploiting ๊ธฐ๋ฒ•๋“ค

  • 2 min read

Recently, the nahamcon2020 was in over. I difficult to watching it in my time zone, so I just looked at the documents after itโ€™s over. They were all very interesting and I learned a lot of new things. Today Iโ€™m going to talk about the email attack that I saw the most interesting among them. Of course, if you using english, best document is original material, so refer to the link below, and I will write only in Korean today!

Read More