Guillaume Lopes

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists. #infosec #pentest #bugbounty https://github.com/1N3/IntruderPayloads …pic.twitter.com/GMXxp8hQuT

Struggling with SSL errors and/or your iOS app doesn't use proxy settings: Charles Proxy (https://itunes.apple.com/app/charles-proxy/id1134218562?mt=8 …) is very handy to quickly analyze trafic #iOS #tips Want to learn more? Check out our Mobile Hacking Training https://conference.hitb.org/hitbsecconf2020ams/sessions/3-day-training-8-mobile-hacking-training/ …pic.twitter.com/Sw12PmE7C2

VSCode x @fridadotre * VSCode based GUI * Interactive terminal * Remote file browser (Yes!) * Open source Not on market yet. But you can built it from the source: https://github.com/chichou/vscode-frida …pic.twitter.com/sG5UhDy2Wd

SettingSyncHost.exe as a LolBin http://www.hexacorn.com/blog/2020/02/02/settingsynchost-exe-as-a-lolbin/ … #LOLBIN cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foopic.twitter.com/dOM4EHq4Zu

Load encrypted PE from XML Attribute. MSBuild is still the best. https://github.com/XwingAngel/PELoader/ … MSBuild sets Property then calls Execute. Use this example to decouple payloads & prove that all security products have a "Single File Bias". Decouple payloads to subvert detection.pic.twitter.com/648rujlLQn

You want to practice and sharpen your weapons for mobile hacking ? Here are our next workshops (free) and trainings: https://www.randorisec.fr/trainings-2020-schedule/ … And if you want to have a preview of the covered subjects, we are going to tweet #mobile #hacking #tips in February. #Android #iOS #MSTGpic.twitter.com/hW0qPdcVgT

Obfuscapk - A Black-Box Obfuscation Tool For Android Apps https://ift.tt/3aRRwVh pic.twitter.com/RF4VjTk3MG

First confraria of 2020 with @Kurustynpic.twitter.com/Z7fre2rE87