Scan for POODLE using nmap from a Windows machine

Researchers from the Google Security Team have published findings about a vulnerability in SSL 3.0. CVE-­2014­-3566 has been allocated for this protocol vulnerability. It is possible to use nmap to scan for the presence of this vulnerability by doing a scan on the supported SSL/TLS protocols. This post shows how to scan for the POODLE weakness using nmap.


Translating C++ variable types to AutoIt types when using DllCall

Using DllCall in AutoIt given you enormous power to extend the functionality of AutoIt. It allows you to implement almost everyting in AutoIt that you can implement in C++.
However, one of the most difficult things when working with DllCall is to know how to type the variables that you pass to DllCall.
The table below show how to convert C++ and Windows API types to AutoIt types:

C++ AutoIt


Solution for java.lang.ClassNotFoundException when loading your Burp Suite extention

When building your own Burp Suite extension, it can occur that compiling your code and creating the jar works find, but that you get the exception java.lang.ClassNotFoundException when loading your extention in Burp Suite. This article shows the solution to your problem.

The reason is suite simple: Burp Suite expects to find your implementation in a Java package called "burp". Having the line package burp; in your source files is not enough! You also have to take this into account when creating your jar file.


Creating and building Burp Suite extention using Java command-line tools

Burp Suite allows you to easily write your own plugins, to perform complex and highly customized tasks within Burp. PortSwigger (the developer behind Burp Suite) created a series of blog posts wherein he explains what can be done with Burp Extensions. In his first blog post about the subject (see Writing your first Burp Suite extension) PortSwigger explains how you can build your own extension using an IDE. Some of us prefer however to not use a heavy IDE, but to compile the jar from the command-line. This article show how to use the javac and the jar command to create your Burp extension from the command-line.


Minimal HTTP requests

This page lists different HTTP request templates. All templates contain the minimum number of required headers.

POST /login.cgi HTTP/1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 51


GET /index.html HTTP/1.0



Subscribe to RSS