blog.ropnop.com
Open in
urlscan Pro
76.76.21.142
Public Scan
Submitted URL: http://blog.ropnop.com/
Effective URL: https://blog.ropnop.com/
Submission: On November 12 via api from US — Scanned from DE
Effective URL: https://blog.ropnop.com/
Submission: On November 12 via api from US — Scanned from DE
Form analysis
0 forms found in the DOMText Content
Toggle navigation ropnop blog * Posts * Conference Talks * Tags * Series ROPNOP BLOG -------------------------------------------------------------------------------- A place to dump things I find interesting and think others might want to know HOW TO STORE SESSION TOKENS IN A BROWSER (AND THE IMPACTS OF EACH) Posted on October 3, 2020 | ropnop A common question when building a SPA is: where do I store my session tokens? I'll talk through the main options and the pros/cons of each [Read More] javascript browser cookies tokens LEARNING GO CONCURRENCY FROM FACTORIO Posted on June 28, 2020 | ropnop Go's concurrency model confused me at first, but it finally clicked when I thought of it like building an assembly line in Factorio [Read More] go HOSTING THE CLR AND EXECUTING .NET ASSEMBLIES FROM GO Posted on March 15, 2020 | ropnop Write up of my journey figuring out how to host the CLR and execute .NET assemblies from memory in pure Go. [Read More] golang windows .net clr PROXYING AND INTERCEPTING CLI TOOLS Posted on February 9, 2020 | ropnop Sometimes you need to intercept traffic from CLI tools. In this post I cover using Burp to intercept traffic from Java, Python, Node and Go CLIs [Read More] burp proxy python java node go DOCKER FOR PENTESTERS Posted on July 18, 2019 | ropnop Docker has become such an integral part of my worfklow recently. These examples should demonstrate how Docker can help you be a more efficient pentester [Read More] docker pentest impacket linux smb windows ATTACKING DEFAULT INSTALLS OF HELM ON KUBERNETES Posted on January 28, 2019 | ropnop Default installations of Helm on Kubernetes can make it trivial for attackers to escalate to cluster admin. In this post I'll demonstrate how. [Read More] pentest kubernetes helm tiller gke SERVERLESS TOOLKIT FOR PENTESTERS Posted on November 11, 2018 | ropnop Serverless functions have so much potential - here's a few useful examples I use when pentesting or doing bug bounties. Who needs testing infrastructure? [Read More] docker pentest serverless EXTRACTING SSH PRIVATE KEYS FROM WINDOWS 10 SSH-AGENT Posted on May 20, 2018 | ropnop The newest Windows 10 update includes OpenSSH utilities, including ssh-agent. Here's how to extract unencrypted saved private keys from the registry [Read More] windows ssh powershell openssh rsa pentest CONFIGURING BURP SUITE WITH ANDROID NOUGAT Posted on January 18, 2018 | ropnop Android Nougat changed the default behavior for apps, so installing the Burp CA to user certs no longer works. Here's two ways to bypass it [Read More] android burp nougat SANS HOLIDAY HACK 2017 WRITEUP Posted on January 18, 2018 | ropnop The SANS team hit another homerun with the HHC including awesome challenges that mimicked real-world pentest activities. Here's my solutions! [Read More] sans writeup pentest holidayhack SANS Holiday Hack Write-ups * Older Posts → * * * * ropnop • © 2020 • ropnop blog Hugo v0.63.2 powered • Modified theme based on Beautiful Hugo