htrgouvea

icon indicating a website link https://heitorgouvea.me

icon company @lesis-lat icon location security researcher // multidisciplinary like everyone else

Results 76 issues of htrgouvea

Feature Request: Fingerprint technologies to better assertive use of wordlists

It would be interesting if the fuzzer itself identified some of the technologies used by the application, consequently, taking the freedom to decide which wordlists to use. References: 1. https://github.com/iustin24/chameleon

Automatically load platform targets and add to Burp Scope

Hi folks, During my use of [BBRF Plugin](https://github.com/honoki/bbrf-burp-plugin) i see one interessant feature that we can replicate to this extentions. After defining a project, we can automatically load the assets...

enhancement

Support for workflows

TBD

Exploit: OCI Bucket misconfig

New module: brute-force JWT secret

Exploit: None Attack

New module: nmap wrapper

https://metacpan.org/pod/Nmap::Scanner

New module to detect Broken Links in a web page

New module to detect Open Redirect

New module to detect XSS

1 comment

I believe that a module to identify parameters and possible injection points, along with testing different payloads and checking responses could help find XSS's and this would be very useful...