Welcome to my site. This is a brain-dump for me to share my ideas, findings on the topic of IT security.

Recent posts

  • How to become a web pentester
    2018-02-12 16:21:30
    This is my idea about how one can become a web pentester.
  • Why learn web pentesting
    2017-09-08 14:28:18
    I get this question a lot, how to get into pentesting. I think the shortest way to do that is through web pentesting and in this post I will explain why do I think that.
  • Intro to ARP spoofing with bettercap
    2016-02-15 09:01:52
    I recently discovered a fairly new man-in-the-middle tool called bettercap, which I will test in this video. I will explain the concept of ARP spoofing, install bettercap, and see how one can use it to sniff passwords on a network.
  • The free Burp Suite training is ready
    2016-02-15 09:00:00
    I have been working on an online Burp Suite training for quite some time. It is finally ready.
  • Advanced sqlmap features - eval
    2014-07-21 16:22:58
    One advanced feature of sqlmap is the --eval parameter which allows the user to run python code before sending each attack request. That gives the user huge power. In this post this feature is introduced through some examples.

More posts >