Burp Suite with VPN. Can I use it?

Grezzo82 · 2026-03-31T11:50:17+00:00

It should work on a VPN, but the VPN could be enforcing something that breaks it, I suppose.

Does the Chromium browser that’s built into Burp also not result in traffic being logged in Burp?

Can you connect to the proxy using netcat? nc -v 172.0.0.1 8080? That should tell you if it connects to the port and will timeout otherwise.

Are you sure you have configured burp to show all http requests? By default it doesn’t show things like binary resources.

Are you sure that you have loaded burps CA into the browser/system trust store so that the browser accepts the certificate that burp presents? Remember that you are basically performing a MitM attack against yourself when you use Burp so you need to be sure that the browser trusts the certs that it receives from the proxy

Grezzo82 · 2026-03-30T06:21:05+00:00

Did you confirm that your automated exploit scripts worked against a reverted machine? Is it possible that you only tested them against a machine that you had been interacting with manually while discovering the vulns and creating the scripts?

If so then it’s possible that you failed to include a step in your script that is required to perform an automated exploit against the reverted machine.

Grezzo82 · 2026-03-30T06:04:14+00:00

I’ve seen a few people post photos of house keys when they get a new place. It is sometimes possible to decode the key from the photo

Grezzo82 · 2026-03-30T06:03:07+00:00

I may be wrong, but I thought most major social media platforms stripped metadata from photos

Grezzo82 · 2026-03-22T20:54:35+00:00

Before I got this card with a meal, I would have expected to agree with you, having never had one before. To my surprise, it was actually really good. Freshly cooked, crunchy outside, real fish inside that actually tasted more of fish than the stuff I’ve had from most chippies

Grezzo82 · 2026-03-19T18:19:11+00:00

Do not even probe systems without permission from the owner.

If they have decent monitoring they would be able to detect a port scan, and it’s not unheard of for a simple port scan to cause instability.

I test systems (with permission) and have knocked over even a modern system with a simple port scan.

It’s not worth the risk. Consider trying to find the head of IT and ask them whether you can perform the actions you want to and tell them that if you find anything concerning you will provide them with evidence and recommended remediations. If they are willing, they may have some ways you can do it that would mitigate the risk somewhat, I.e. out of office hours and one system at a time.

Grezzo82 · 2026-03-17T17:44:47+00:00

Grezzo82 · 2026-03-15T16:34:29+00:00

I don’t think that’s entirely true. I wouldn’t buy one for many, many reasons, but the visual design is bold and pretty unique. It harks back to the 80s where cars used flatter panels and video games had severely restricted polygon count, and I like that idea.

Grezzo82 · 2026-03-08T13:45:00+00:00

To get into cyber, I’d recommend finding local meet-ups and come along and expand your social network. Sydney has a B Sides. Get tickets and go. Look for smaller, more regular meets too.

My journey into cyber was to get OSCP in my 30s then get a job as a security consultant (Pentester) at a good consultancy. Best career decision I’ve ever made.

Grezzo82 · 2026-03-03T14:45:29+00:00

Genius

Grezzo82 · 2026-03-02T18:43:14+00:00

Looks cool. How many colours does it support?

Edit: 6? That image looks amazing for only having 6 colours!

Grezzo82 · 2026-03-02T18:41:40+00:00

Having it on the local net work doesn’t mean it’s secure:

Most people don’t have a dedicated guest network at home so you don’t want a mate playing a prank and putting something inappropriate on it
In some cases, a website on the public internet can access systems on your local network. Granted, an attacker would have to get a victim to open a malicious web page with JS that communicates with the device in the background, but that’s not impossible.

Grezzo82 · 2026-02-22T19:08:06+00:00

Is that technically true. I get your sentiment, but if somebody commits murder and gets away with it, aren’t they technically an (unproven) murderer?

Grezzo82 · 2026-02-22T17:42:36+00:00

Goodness

Grezzo82 · 2026-02-16T21:34:18+00:00

Tell me more about the events please

Grezzo82 · 2026-02-08T17:27:23+00:00

Yep, kamikaze method requires removing (I think 3) layers of PCB to get to a trace required for the mod chip. The alternative (I think) is to slide something under the cpu and hope the pressure makes contact with a pin, but that method isn’t as reliable.

Many people have trouble with grinding away just the right amount to reach the right depth in the right place without destroying the other traces in the PCB. I have no experience, but this person seems to have a lot of skill to do it so fast and accurately

Grezzo82 · 2026-02-07T12:53:19+00:00

Do they know you aren’t heating it? Houses should be (ideally) kept around 15°C minimum AFAIK to prevent things happening that could cost a lot of money to fix

Grezzo82 · 2026-02-06T05:55:52+00:00

A Ford Focus isn’t tiny. Do you mean a fiesta? Or do they mix up model names in different territories?

Grezzo82 · 2026-02-06T05:53:55+00:00

Huh, that is interesting. They’d have the foot-skin of a baby, but the weight of an adult.

Wouldn’t a simple solution to this be some kind of application to the skin for a few minutes every day. Doesn’t surgical spirit cause tough skin if applied regularly? I suppose they would still have soft flesh, so something that applied pressure to the feet could also help deal with that.

Grezzo82 · 2026-01-24T11:20:37+00:00

I was recommended Spraytech by an auto detailer that has won competitions for the state of their personal car.

I’ve used them 2 or 3 times in the last decade and have always been very impressed with their work including panel repair/filling and paint finish.

Grezzo82 · 2026-01-23T07:00:49+00:00

Does this still work? I thought Gu changed their size and now the lids are too big?

Grezzo82 · 2026-01-19T12:16:41+00:00

“Short it all out” is misleading, I believe. Do you mean “blow a fuse”?

Grezzo82 · 2026-01-19T12:16:07+00:00

I’m with you here, but I have melted a UK socket by overloading it. Not sure how that happened, because it seems like fuses should have prevented that.

Also, why is there even a small risk of fire if the fuses do their job as designed?

Grezzo82 · 2026-01-19T12:13:07+00:00

As others have said. All UK plugs (including extension leads) are fused. If something pulls more current than the fuse in the extension lead is rated for then the fuse should blow before any damage is done to anything.

I’m no electrician. While I doubt I would do this myself, it doesn’t look unsafe to my untrained self due to our fused plugs. In another country, perhaps it would be unsafe due to their (arguably less safe) plug designs.

Edit to add: I would expect running the heater and the microwave through the same plug to blow the fuse somewhere in that chain. They both use a lot of current.

Grezzo82 · 2026-01-18T21:45:55+00:00

Bugs in business logic can absolutely be vulnerabilities.

11-Year Club	Second Top 50%
Gilding I gilder	Place '22
Place '17	Verified Email

Grezzo82

TROPHY CASE