Introducing Qsslcauditproxy

The Qsslcaudit tool, developed by my colleague Pavel, provides an easy way to test a client SSL implementation. To make testing multiple connections even more straightforward, I created a proxy wrapper for this tool.

How it works

The user configures qsslcauditproxy as a proxy server on the device under test, for example a mobile device.

Pentesting Meteor Applications with Burp Suite

The following post covers some techniques for testing Meteor applications with Burp Suite. These techniques can also be applied to other protocols that run over WebSockets.
To test this yourself, the example Meteor application “Todos” can be downloaded here.

Test Fallback to XHR

