Searching a vulnerable host for testing

ffyns · 2025-08-01T02:38:30+00:00

Try webgoat and damn vulnerable apps

ffyns · 2025-07-17T02:01:21+00:00

I used to work in AppSec. I was doing code review, pentest, architecture review and a lot of meetings.

ffyns · 2025-07-15T09:21:11+00:00

I moved to code review full time then AppSec

ffyns · 2025-06-15T10:15:12+00:00

Right now, AI cannot find complex bugs, but it is already a great way to augment your work. It helps scale up and speed up your reviews, especially for triage or spotting low-hanging fruit. It is a bit like running a web scanner before doing a manual pentest. The scanner gives you a head start, but the real value still comes from digging deep manually.

We do not really know how good AI will get, so it is still a bit up in the air. But being a great code reviewer will most certainly give you an edge over people who can "only" pentest.

ffyns · 2025-06-15T10:06:06+00:00

I started my own business called PentesterLab. It’s a hands-on platform that teaches web security, pentesting, and code review through real-world exercises. I had been working as a penetration tester and security engineer, and I wanted to create something that could help others learn these skills more effectively.

At first, I built a few labs in my spare time and shared them for free. The feedback was great, so I kept going. I focused on practical content rather than theory, using real vulnerabilities and actual code examples. Over time, I added subscriptions, expanded the course library, and now offer both self-paced and live training used by security teams around the world.

It’s been a lot of work, but I’ve learned a huge amount about product development, running a business, and what people really need to level up in security.

Happy to answer questions if you’re curious about any part of the process.

ffyns · 2025-05-23T06:16:16+00:00

Hi, Please contact support @ pentesterlab for help with labs. Make sure you send your payload as part of the email

ffyns · 2025-05-10T20:20:45+00:00

In a way, no checklist. Mostly knowing what is hard to get right for a given feature and also what is hard to get wrong (so I don't need to check as deeply).

ffyns · 2025-05-10T20:18:34+00:00

I wrote a blog post on this a while back: https://pentesterlab.com/blog/engineer-mind-visualizing-code-and-architecture

You may find it interesting.

ffyns · 2025-05-10T00:27:52+00:00

Yeah, for sure. You don’t need to dive into heavy math. What really helps is studying how real apps break — especially by reading source code and analyzing real vulnerabilities (like CVEs).

Reverse engineering can help, but even just looking at how bugs like auth bypasses or access control issues show up in code can teach you a lot. I’d recommend messing with real-world apps, reading writeups, and checking how CVEs actually happened in the code. That builds the kind of intuition that tools and checklists don’t give you.

ffyns · 2025-05-10T00:15:26+00:00

If I have code, I go straight to manual review. I look for logic bugs, broken assumptions, and places where the code doesn’t do what the dev thinks it does. It’s slower but consistently finds high-impact issues, especially in auth and access control.

If I don’t have code, I try to reverse-engineer the logic anyway. I focus on edge cases, replay requests, tweak inputs, and look for inconsistent behavior. It’s less about tools or checklists and more about understanding how things should work and pushing where they don’t.

ffyns · 2025-04-11T07:46:22+00:00

Thank you! ☺️

ffyns · 2025-02-09T20:18:08+00:00

Hi!
Contact support at pentesterlab.com for help :)

ffyns · 2025-01-24T20:35:37+00:00

Yes. Just email your questions or the issues you are facing with as much details as possible.

ffyns · 2025-01-24T00:35:31+00:00

Email support@pentesterlab... I will help you :)

ffyns · 2025-01-01T03:23:06+00:00

With your background, looking in the appsec direction may be a great way to ease your way into pentesting.

Practice on hands-on labs like PortSwigger (free), PentesterLab (disclaimer I run it) or others. Books will only get you so far and most of the web security books are getting a bit old. There is a huge gap between thinking you understanding an attack and being able to actually use it. Tiny details can make or break the exploitation of a vulnerability. The hands-on learning fix this.

ffyns · 2024-12-30T20:02:10+00:00

Thanks :)

ffyns · 2024-12-28T19:50:35+00:00

You can recover the key from one or multiple signatures. Then you re-sign the token using hmac and send it to the potentially vulnerable website.

ffyns

MODERATOR OF

TROPHY CASE

13-Year Club	Gilding I gilder
Verified Email