Web Proxy Auto-Discovery

How To Capture Secrets By Disguising As Web Proxy?

Shhh! Everyone loves a good secret, and in this tutorial, we will show you how to capture a few of them using Web Proxy Auto-Discovery (WPAD). WPAD is the Internet protocol which allows a client (in this case we use a Web browser) to automatically locate and interface with cache services in a network.

You will learn:

  • How to analyze messages without interrupting traffic
  • How to investigate the WPAD file manually
  • Why playing with a Proxy can be dangerous
Read more
How To Burp With Confidence - Our 5 Favourite Features

How To Burp With Confidence – Our 5 Favorite Features

Burp Suite is an HTTP intercepting proxy used globally to test the security of web applications. It works by intercepting communication between your server and the target application that you wish to test and is packed full of nifty features such as Spider, Scanner, and Repeater. There are too many great Burp features to cover in one session so today I am just going to show you my five favorites which I use in every penetration test.   


Read more