TheButcher

@pdiscoveryio 🚀🔍 Unleash the power of #DSL expressions and #HTTPX to step up your #bugbounty game! Whether you're refining #recon or enhancing #automation. Here's one 👇 to filter using technologies 💡💻 Thanks, @ProjectDiscovery! #BugBountyTips #Cybersecurity 🐛🛡️

Share a pro tip using ProjectDiscovery tools 👇

Great Hacking Mindset 🧠 "Newer API hackers may not understand how important it is to think like a developer" 💯 Quote from @DanaEpp #bugbountytip

@MasteringBurp Im using your tricks from your Nsec talk everyday, Thanks to you, Ctrl+r/ctrl+shift+r/ctrl+space is now considered as a single keystroke for my 🧠

Periodical reminder: it's possible to navigate sub-tabs (like Repeater entries) from the keyboard. You simply have to configure the actions "Go to previous tab" and "Go to next tab".

@rez0__ Thanks for this tip! Definitely gonna try it out today ! If I might add, I don't know if it's common knowledge, but maybe this can help others too. When viewing large files in Burp, using the raw tab display instead of prettify display can be really helpful!

Here's a random pro-tip for Burp: Use page up and down in the Response window if the response is large. For some reason Burp gets destroyed by scrolling (as I'm sure you already know if you've ever tried to scroll in a 3MB js file) but page up and down is always fast.

@rez0__ What do you guys think about AI Application Security ?

Which term should be used for security related to ai/llm/gen ai features and app?

Unveiling the single-packet attack, a technique that abuses HTTP/2 to stop network jitter from interfering with race condition attacks, effectively making remote races 'local'. Find the new tooling in Burp Repeater… portswigger.net/burp/releases/…

Map files? Used to overlook 'em, but let me tell you, they're pure treasure! 🗺️💎Don't underestimate their potential💪😉! Set up #bchecks, forget about it, and watch the Dashboard for epic hits! 🚀 Score new #bugbounty reports! 🎉 #burp #PortSwigger #Yogosha #Bugcrowd #HackerOne

@sprocket_ed @PortSwigger Great idea to leverage Gpt for automated template creation! 👏 If you need to validate multiple Bcheck, Check out the BcheckChecker Jar located on the Repo: github.com/PortSwigger/BC… Simply run it, and it will check every template in the current dir

@PortSwigger I have a large list of bchecks generated (100+). Is there an easier way for me to validate them outside of copying and pasting them into the embedded editor? A VSCode extension or external linter would be amazing 🤩

PortSwigger's BChecks is insane. You're mistaken if you think it's just a Nuclei clone. Nuclei lets you check a limited number of locations for issues. Imagine you can leverage the crawling capabilities of Burp to search for NTLM auth everywhere on a target.

@plmaltais @Hacker0x01 @YogoshaOfficial @Cybereco1 Thanks for the kind words 🙏, @plmaltais ! Meeting you was a highlight of my bug bounty journey, and I'm grateful for the inspiration you've given me to level up my skills. Let's stay in touch and keep pushing each other to new heights 🚀👨‍💻

@Hacker0x01 🤝 @YogoshaOfficial I'm so glad I've met @TheCyberButcher last year during the Bug Bounty Quebec meetup! What an incredible hacker and human being. Here is a picture of us at @Cybereco1 few weeks ago 😎