Win10 App Proxy

方法1 访问http://www.telerik.com/fiddler, 然后从顶部菜单中选择「WinConfig」,在接下来打开的窗口中勾选你想排除网络隔离的应用就可以了 方法2 - 修改注册表 通过设置为 Win 10 UWP 应用解除网络隔离 - 少数派…

Burp Intruder

1. Sniper 只需要1个payload POST /login HTTP /1.1 username=$nino$&password=$password$ Payload simplelist: a, b request1: username=a&password=password request2: username=b&password=password request3: username=nino&password=a request4: username=nino&password=b 2. Battering ram 只需要一个payload POST /login HTTP /1.1…

Thick Client Proxying

1. Interception 1.1 Intercepting Responses 1.2 Intercepting Request/Responses Rules 1.3 Match and Replace Proxy > Options > Match and Replace 利用它,就可以实现类似charles proxy的替换功能. 例如替换user-agent 1.4 SSL Pass Through Proxy > Options > SSL Pass Through Burp will not MitM anything added to this section and…

ZAProxy

Contexts a Set of URLs Assign characteristics to groups of URLs Authentication 1. Simple Automatically Login Login in a browser Define Login request Enable forced user mode User logins automatically 2. Zest Login 假如Login时除了username和password,还需要csrf_token. 上述的方法就不可行了. Record a new Zest Script Perform Authentication steps Test the Zest script by…

Burp Scanner Not working

burp-scanner-not-working',' If it said waiting, check at the low left corner if it is paused. If so, double click to continue.…