David Sopas – Web Security Researcher

Tools

23/08/19 Hardware , Tools , Travel # , , ,

My Red Team assessment hardware

My Red Team assessment hardware

Many friends and colleagues are asking me what I use for red team assessments so I decided to write a post with my arsenal – which will could not reflect others Red Team approach.

Also, the hardware is task specific. For example, if you’re going on a Wifi hunt you might not need a set of lockpicking tools – well you never know 🙂

Other people lists can be found here:

Feel free to Tweet @dsopas with new lists or even recommend stuff for me to buy 🙂

no responses
16/08/18 Bug Bounty , Tools # , , ,

h1-search tool

h1-search tool

Me and Paulo Silva wrote a simple golang tool to check full disclosures on HackerOne. Why?

  • You can filter the results
  • You can see ALL the results (H1 has page limitations – 25 results)
  • Its coded in Go 😀

So if you guys want to give it a try, feel free to install it and participate – https://github.com/dsopas/h1-search

no responses
20/04/18 Tools # , , , ,

RFD Checker and Security Assessment Mindset

I recently published two repos on my Github account. One is RFD Checker, which I did with my colleague Paulo Silva, where it scans for Reflected File Download vulnerabilities and the other one is a security mindmap (you can also have other formats). This last one had pretty good success just because it a mindset for helping infosec peers and bug bounty hunters on their assessments.

Feel free to share it and participate on any of the projects. They are open-source and with the help of the infosec community they can become a better tool to your arsenal.

 

no responses