Finding Web App Vulnerabilities with AI
Key Takeaways
The video demonstrates how to use Burp AI, an AI-powered web application security testing tool, to identify vulnerabilities in web applications, including SQL injection, cross-site scripting, and broken access control, and how to configure and use Burp Suite to enhance web application security testing with intelligent automation.
Full Transcript
Okay, AI is not going anywhere. And I know it's a hot topic and everyone has their own opinions about it, good, bad, and ugly. Personally, I think AI is pretty cool, but I'm not of the opinion that it's going to, oh, take our jobs or replace human effort. I think it's something that can augment really supplement the work that we get to do. So, in this video, I want to showcase finding different web application vulnerabilities using Burp AI. That's the new artificial intelligence feature set added to Burpswuite, the web scanner and web vulnerability hunter that we all know and love. With that said, let me be straight up. This is a sponsored video thanks to our channel partners, Port Swigger. So, thank you so much, but let's dive into the fun. So, I'm inside of my Kali Linux virtual machine and I'll be using that to drive the demo for this video. And I'll open up my web browser just using Firefox to keep it easy. I'm going to hop over to portswigger.net. And here is their homepage. So I could go ahead and get the latest version of Burpsweet. I do want to log in here. And for this video, I'm going to be using Burpuite Professional. I know Kali Linux already comes with the Burpuite community edition, but I think it would be awesome to use some of the AI features now available in Burp Professional. We'll talk about it all more in just a second, but first let me get this downloaded and up and running for us. Now, with that downloaded, I'll open up a terminal with Ctrl Alt T on my keyboard, F11 to full screen, and I'll zoom in a bit so you can see this. And I'll move over to the op directory. That's where I like to keep a lot of my tools that I download and work with externally. So, let's copy that Burp Suite tool here. That is just an SH script or a bash script. So, I'll mark that as executable with chmod plus X. And with that, I can run it and now get this thing installed. It does rely on the Java runtime environment, but that should be able to get things up and running just fine on Kali Linux. So, let me cruise through the install. Okay, now I've just installed that to my op directory. So, I should be able to dot /burpeet pro. Excellent. This will get it up and running and I will cruise through adding my license. All right, now I'll use the usual setup with just a temporary project in memory. We can click next. Using the burp defaults is fine and we can start Burp. Excellent. Here we are in Burpsweet Professional version 2025.2. 2.3. And you might be able to see down at the very bottom right, they now have Burp AI. AI powered penetration testing starts here. Burp AI enhances your testing with intelligent automation built on decades of security expertise. All right, I amped up the tech size, and I can change this to dark mode to help save your eyes for you vampire folks. Now, on the bottom right, you can click find out more, and that'll bring you to their documentation that we'll explore in just a little bit. But they also give you a quick little tour with the next button here. And this gets into exactly what I mean where it's augmenting you, supplementing your work, and helping you do what you do. Not going to replace you. It's not going to do oh everything all on its own autonomously, but it can speedrun, streamline, make this seamless for you to work with anything that you're up to for web app security and penetration testing work. Now, I know that's a super quick tour and we're going to see this in action, but before we do, I feel like I got to touch on this because I know a lot of folks are probably going to ask. Look, the way this works is with AI credits. Burpuite is using an online model to handle all this AI stuff. You're not using your own localonly model. Hey, quick note, after recording this video, I see that Burpuite has created a new MCP server extension in their Burpuite app store. So, I'll include a link to that in the video description if you'd like a little bit more detail on that. in the documentation that they reference and I'll include a link in the video description. You can see a lot of the sweet stuff that it can do, but it also discusses, hey, security and privacy. We've designed Burp AI features with security, privacy, and transparency in mind. Ultimately, you choose when it does AI stuff. All of this is going to go through their AI infrastructure, not used for training or stored by any AI providers, but that is stuff I want you to be aware of. You can see a little bit more in the pages that they link and get a little bit more insight on the AI credits here. I do want to at least scroll through that AI security, privacy, and data handling page because I know that's usually the probably biggest concern that folks raise their hand or raise their eyebrow about when talking about AI stuff. Doing their best, Portiger saying, "Hey, look, no concerns really. I know it's your own risk, your own threat model. You decide. It's subjective to you, but I think they got everything at least transparent and out and about forthright and forthcoming as to how this all works. Also digs into how it's worked for extensions, but I don't think we need to fall down the rabbit hole here. I just want to make sure that's available to you and you know what's up. Anyway, let's get back to Burpswuite and start to do some of the fun stuff. If you aren't familiar with it, I do have an old video, admittedly a little bit dated now, but walks through the features and usage of Burp Suite for some of that web hacking web app security testing. Now, for this video, I'm going to hop over to the proxy tab because that's where a lot of the good stuff happens when you can use Burp in between the web app that you're working against. Normally, you set this up with like a proxy that you'll configure Firefox or your web browser for, but truthfully, I really like to use their included preconfigured web browser because then you don't have to deal with the certificates. You don't have to deal with the proxy shenanigans, blah blah blah. It's pretty convenient. And for this demo, let me actually use the Portswigger sort of designed vulnerable web app, intentionally vulnerable for some of this learning here, their jin and juice shop at the URL jynjuice.shop. Here we are now at the jin andju.shop and take a look at the banner up here. This is a deliberately vulnerable web app designed for testing web vulnerability scanners and you can put your scanner to the test. If you click that here, they do have a big long list of the vulnerabilities that we should be able to track down. They even give you some username and password to be able to log in and we'll use that in just a little bit. But let me get back over to Burpuite so we could configure this. Back at the top navigation, we could actually set the target where it has been tracking everything that we visited thus far. http jin andju shop as I typed it in and then how it redirected us to the jynju shop with all the get requests and methods that have been kind of included here just because it's good practice. I actually want to hop over to the scope because I know I'm using their browser to keep this nice and easy, but it is a good idea to actually set up your own restrictions in case you're doing any bug bounty or web app testing or pen test, whatever, to make sure that you do actually have look only the stuff that you want to be filtered and zoomed in on as the scope of what you're testing. So, we'll enter any protocol, HTTP, HTTPS, but I do want to focus on jin and juice.shop. So, we'll click okay to that. And it asks us here, you have added an item to the target scope. Do you want Burp proxy to stop sending out of scope items to history or other Burp tools? In which case, yes, uh, we'll avoid anything other than that. Now, I'm going to jump over to the dashboard because by default, it'll already be doing some live audits and live crawling of different web pages. Now, this has been tracking down these two types of scans. You've got a live audit from all proxy traffic and a live passive crawl from everything that we're kind of clicking through and might experiment with. You can see that's already collected a couple different issues. While they are just low severity or informational thus far, these are things that Burp AI could probably give us a little bit more context for. And just to kind of start from the start here, I'm actually going to remove these and then create our own new scan or new live task. We can create a new scan. And then if I set this to crawl and audit, this is awesome. You can see, hey, some of those AI enhancements. Choose AI powered features to enhance your scan. Note that these do require those AI credits. But take a look. We got a little section here for broken access control. It'll reduce false positives in broken access control scan checks. And if we ran out of AI credits, then you could determine, oh, we'll either pause the scan or alert me or just continue without any of the AI enhancements. I think we can leave that to pause, scan, and alert me. But let me click on next. Let's get to the URLs to scan. This should just be jin andju.shop as we've defined for our target already. I'll hit next again. And then we can determine oh the scan configuration using a preset scan mode or a custom configuration. I'm okay. Let's just use a balance scan with one of those preset ones. Let's click next. And now we could choose login credentials. Now they gave us this already. So let me actually click new. My face again covering it up. But look, we could just say Carlos. That was the username that that web page provided and Hunter 2 as the password here. So just for a quick and easy authenticated scan. Clicking next. Then we get to the resource pool. The default resource pool is totally fine. Just kind of Oh, how fast do you want this thing to be? I'm all right with it. Let's just click scan. BAC false positive check requires unauthenticated crawling. The AI powered broken access control features needs unauthenticated crawling to run. Your current scan settings prevent this. You can update your scan settings. Oh yeah, let's just Okay, try to go without the credentials then and see how well the AI takes a look at all this. Now, let's click scan once again. Oh, the AI powered broken access control false positive check needs both authenticated and unauthenticated crawling to run. Okay, what if we just toggle this to a deep scan? How about that? Okay, now it's happy and now it's doing its thing. Now we can just let this go. That'll be running along in the background. But a live task will let us sort of hey do an audit or crawl with everything that we just tend to click through and experiment with. We can use the sweet scope to make sure that's using our specific target and dduplication to ignore duplicate items is probably a good idea. We don't need any specific scan configurations and the resource pool is fine the way that it is. So let's try to run that just as well as we get to click around. So I'll get back to Jin and Juice Shop and then on the homepage we should be able to explore. This is literally just kind of clicking buttons, experimenting, doing some of that manual testing if anything, just to see the functionality of what we might be able to do. Looks like we could explore any of the given products here. We can click into view details or oh, even subscribe, add any email address, and then maybe that'll give us a cool little coupon code. Yep. Okay, we could enter that or keep track of it when we are trying to look at any product. So, let's view the details here. Maybe we check the stock of this. We click the buttons is to see, okay, what will this actually capture that Burpuite could take advantage of? If I were to toggle any of the pricing or units that we want, we can click add to cart. Then we can click view cart. If we wanted to enter a coupon, maybe one that is incorrect, not a real coupon, we can try and apply that. See what happens. Let's enter a correct one. Let's see what happens with that. So, we have all the functionality just kind of captured and things that we might be able to work with when we either place an order. Oh, let me log in once again. Hunter 2. Don't know if I actually ever did in that case. So, the username it's asking for first is Carlos and then Hunter 2 for our password. Let's try to place that order, but oh, unable to process transaction because user is flagged for deletion. All right. What if we were to remove something from our cart? We could continue shopping back in the products. Maybe we wanted to search for something. Let's search for one or anything that might not exist. I don't know. How about literally the word anything? Click in search. Oh, it actually got a result for that. Okay, let's do the old classic please subscribe. Uh, misspelled as is tradition. Search for that. Okay, no results found. We could toggle on any of the specific categories. We can take a look at the blog page. We can search the blog. Maybe there'll be some vulnerabilities in that. So again, we're all just giving these feed this HTTP requests things that we send so that Burpuite could then be able to look through these and then automate some of the process or try to streamline our capability. It will be looking for extra vulnerabilities all on our behalf. So this is just me clicking around seeing what functionality it can capture. With that, let's get back to Burpuite and see how these scans are going. Oh, looks like we got quite a bit. So these are the most serious vulnerabilities found live. This is our live audit from us just experimenting. But we might be able to see oh B 64 encoded data in the parameters. And we can explore each and any of these external service interaction. Let me expand up the details here. Oh, and this has some of the AI features here with explore issue. You can see that little nice star sparkling icon there. This gives us some details, but I want to find other vulnerabilities. Looks like it was trying this with Burp collaborator payloads or different requests made. Do we have any others that are worth exploring? External service interaction, cross- sight scripting. Well, our crawl and audit with the AI capability is going to take a little bit of time because that is using the deep scan capability, but the live crawl view is very cool because okay, they get to like test different things and it even shows you all that it's experimenting with. That's sweet. Once it's got a little bit of findings, I think any of the AI enhancements down below on the bottom right should be included there. But you can see the task log, everything it's trying and experimenting with. All right, the scan keeps finding stuff slowly but surely. So, I'm going to let this run a little bit longer and then we'll get to dig into some of those AI enhanced features when we're looking at different vulnerabilities. Oh, I'm looking back over on the summary page though for our crawl and audit. You can see the AI enhancements does see broken access control one false positive reduced and one issue confirmed. We can see that down below the FP labeled tag for broken access control AI enhanced. It displays a promotional website for Jin products which does not contain sensitive information or require authentication. Probably not a concern, but that's pretty cool. And the summary section is still going to be being filled out. But the event log tab does show, okay, the crawl started some time ago. They finished crawling and now they're still going through the audit. Looking over, we can see it's sent like 13,000 requests. so far. Okay, so the scan is still going and it's probably going to be going for quite a while. I think that's on me. I chose the deep scan and now we're up to like 30,000 requests. Uh look, the probably a deep scan will take some time, but that's okay. We do have a lot of vulnerabilities that have came through. Now, looks like uh cross-ite scripting I can see here. And I want to double check between the crawl and our live audit. That one also has a summary section with cross-sight scripting including there cross-sight scripting DOM based while the other was reflected XML external entity injection SQL injection and I want to go back and forth to kind of look and explore these that sees SQL injection just as well. But this cross- sight scripting reflected one. Ooh, the value of username request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. So the payload here including an alert one tag was submitted in the username parameter. We could play with that. I want to copy that payload, but we can use their AI explore issue feature. And then let me see what it does. Oh, okay. Uh I think it might just do it. Let me move my face out of the way. And this is AI, right? You know, it will vary on the results. The if you try this, it might have something different because it is a little bit of a black box, but it's got enough context to be able to play with this. test XSS payload to redirect the page. Given the evidence shows cross- sight scripting is possible through injection in a JavaScript string. Oh, it's just going. Okay, it's trying a bunch of different stuff and I guess it's just a matter of how fast I can read this. But it is testing from login now. It's seeing if it can recover or retrieve different cross-sight request forgery tokens. Testing data exfiltration payloads. And this is sweet because it's just kind of doing its thing. And then it just Okay, says it's done. Now it has a task summary. We've successfully confirmed a JavaScript injection vulnerability in the login pages username parameter. Can we like see that? Like they were able to validate in a little bit of a different way and try through different things that could help us remember and remind us of what to do. But let me get that payload there again. I want to copy that value and I'll bring that over to I guess it would be logging out and then trying to log in. Now on the username page here trying that payload login that is cross-ite scripting like there's an alert one there's JavaScript code execution but that's pretty slick what else do we got what else can you just determine and figure out here http response header injection the value of the category request parameters copied in the set cookie response header that includes something and we can drill down and see the request that they sent and you can see that's included with I'm assuming a URL L encoded like new line character. Yeah. Percent 0D percent 0 A and the response ends up oh actually adding it in to the headers. We could see a path to an issue and determine how that's actually done. But what does the explore issue particularly do with that one? You've got of course the controls here to pause task or finish task down below. But oh it'll try to inject its own little session cookie. crafted a payload that includes CRLF characters 0D0A followed by a set cookie header to try to set a new session cookie. From our previous test, we confirmed that that's totally doable. The cookie injection worked, but was alongside the legitimate session cookie. Oh, okay. So, there's more to experiment with. You can try to split it with cross- sight scripting. Again, you can see the request and responses that they get and come back with. Oh, yeah. You can see the double set cookie here and then a custom header that they provided. So, what does our task summary say? Successfully confirmed HTTP response header injection through the category parameter, allowing us to inject arbitrary headers and manipulate cookies. While this is possible, the application security controls limited the impact of cookie manipulation. But you could still like do different things like potentially modify what the server will give back to you, right? If you can break into their response, the logger will give us something kind of cool here. If anything, that's just neat to see what they pass through. But if we wanted to, you could send this to repeater or any of these, right? I think controlr will send that to repeater. You can see it highlighted there. And now we have that exact little structure and setup here that we could send and then see all this come through just as well. So you've still got, of course, all of the regular features and functionality of Burpuite. And actually, I never particularly set the filter on our site map to show only the inscope items. So that will get back to and clean up all the things that it might have requested from other pages for like the Angular library or anything else. But then you can drill down into any of these. This one I know had some of the broken access control capability that the AI enhanced work was tracking down. I'm not super duper interested on that one. I do think however that all of these other vulnerabilities that it might be able to find, how it could just speedrun and streamline that is very cool. What about SQL injection? Will it just like get a working payload? The category parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted. And we can see in the request one and request two. Here's a single quote that you can see they have marked and highlighted that you can filter or toggle into that will return in the response an internal server error indicating yeah that did break probably a database query, probably a SQL statement with an internal server error. Trying with request two where they include two single quotes. That one will give you a full page that returns and responds as the site naturally would have. But will our AI buddy here will Burp AI with the explore issue actually do a little bit more with this? Cuz like I think the potential of being able to rip out contents of the database will be very very cool and we might be able to find or track down other opportunities for it. Yeah. Yeah. Yeah. Look, they're already testing for unionbased SQL injection. They'll try to determine the number of columns. I wonder if it can just track it down. They start with the null column and then add it more. Will it go all the way until it finds a correct one? I don't know if those are each individual AI steps. They might be though. Two columns, three columns. I don't know how far we'll go. But the fact that it does this pretty neat. Still going. Still tracking down. Oh, determining the column count by order by. Trying it now with six. It'll still find the sweet spot. Okay. Order by with six returned a 200 response, but since they set an upper bound with 10 and that didn't work. Uh they are now going to continue finding what would be the sweet spot with order by because that way it'll say, okay, we have an upper bound that failed. Successful ones will work, but we have to keep increasing that to find the threshold here. Order by eight returned a 200 response showing there are at least eight columns in the query results. Now they're going to try with nine. And you can always see the payload they have here. Oh, cool. Okay. Order by testing revealed exactly eight columns as order by 8 worked but order by 9 failed. That gives us the exact structure that they need for the union select attack. And that'll do the explicit SQL injection. Now they're going to see which of these is actually going to be displayed or reflected in the web page. Right? So, they're trying to see which of the columns in a union select payload will actually work. Oh, the second column test succeeded, returning a 200 response with our test string. This confirms we can use this column to extract and display data. Now, we'll try to retrieve table names. Union select table name. The information schema query worked, but we need to filter it to focus on relevant tables. The application successfully processes complex SQL functions and joins since all the previous queries returned too many tables from all schema. Whoa, whoa, whoa. It's just cruising. Oh, they're using concat. Okay, so now they're trying to leak out the table names and column names. And like I'm hands off keyboard. Like that's the coolest thing. Group concat will work better there. Yeah, good man. We had like XML external entities and cross-ite scripting, but the SQL one is a good show. Okay, they're getting a little stuck up on the syntax. It's still going, but I will consider the fact that this is probably burning a lot of the credits that we're using. Okay, but it did finish now. Successfully identified an exploited SQL injection vulnerability in the category parameter of the application. We determined the query has exactly eight columns and accepts union select statements. We were able to query the database and confirm the existence of a users table with username and password columns, but they weren't able to pull this out. Next steps would include exploring alternative data extraction methods like add a band techniques or investigating different encoding methods to bypass any output filtering. Still, it tracked it down. Can we just like do a union select on our own and validate that works? They got it in the what was it? Second value. Yeah. So, let me get back to the app and they found this in the categories section. So let me press F11 so we can see our location or address bar. Now if I toggle on one of these categories obviously the single quote there should give us an internal server error right and it does internal server error obviously adding another single quote while it will be URL encoded that will respond with the full page back no results found. Now we could use that union select. And then they used eight different columns here with null. So 2 3 4 5 6 7 8. And then can I just comment that out with the dash dash? Okay, that returns a thing. Which column did they have uh an actual result coming through here? If I use like SQL test, kind of the same thing displayed that they did. Yeah. Okay. I don't know how well you can see it, but there is SQL test. Could we pull like a version or anything else out from this at at version? Is that the one that works here? No, I don't think so. Is it version function call like parenthesis? Maybe user. How about that? Okay, that gave us Peter. Oh, Peter is the SQL user apparently. Now we know. Cool thing though. If we were able to take any of these requests that we send or responses, if we kind of expand them out, we can see them in the inspector and then we could actually bring them to repeater. And from the repeater tab, when that's toggled in, uh, if I were to send this request, whatever we end up getting pulled back, the far right side, you might be able to see it. If we highlight whatever we want, we could click explanations, and that's another sweet little AI section here. So, if this returned an internal server error just like we saw previously, can I highlight that, rightclick, and then send to explainer? Explain this. Control E is a hotkey at the very top. What does that get here? Now, again, you probably are understanding what an internal server error is, but uh looks like it's got a sweet little explanation. They even note here, it doesn't make sense that I'm highlighting the HTML tags. That's probably going to be a HTTP response code that should accompany that. So that up here is what I would want to send to explainer. I hit control E for my hotkey. Status line indicates the server encounters an unexpected conditioning preventing it from fulfilling the request. So just to help your own learning if you run across something that maybe you haven't seen before with that. I know I've been testing just a couple of these different tasks and being able to see the task summary that the AI kind of explored for us automatically. We could do this again with like the XML external entity injection or any of these. Let me try it for XXE. Oh, we're currently unable to explore this issue. We cannot explore this issue because it was found using Burp Collaborator which is not yet compatible with our air platform. Well, that's good to know. Roger that. Oh, and that's tracking down because it was making external requests to Burp Collaborator and we could toggle or play with that of course or any of the other sweet features in Burpswuite Professional. But obviously the real sweet sauce here is Burp AI. And look, I know I've only like scratched the surface of some of the cool stuff you can do with Burp AI. The explainer, the explorer, broken access control. We did get to see uh AI powered recorded login are kind of neat. This is actually a feature that I really should have covered because it would have streamlined the authentication process for our scan. With AI recorded loginins, Burp Suite literally logs in for us and it automatically captures all of the HTTP traffic and everything necessary for that process. Super convenient. AI powered extensions. This is where you could have a lot more power and capability. Their API allows you to add advanced AI features into your Burpuite extensions. And there are already a handful of burpuite extensions. Like if we wanted to just try to run SQL map or bake that into burpswuite. Well, there is an extension for that, but you might already be able to pour in and experiment with more AI features. And hey, the really cool part of this in my mind is that it's already in the environment that you're already using. Like the whole point is to enhance your security testing workflow. It's adding to your workflow, giving you a little bit more superpowers. And I think that's pretty cool because honestly, look, at the end of this thing, you have an assistant. You've got a battle buddy. you've got someone to kind of divide and conquer. Like they're going to go test, validate, try the SQL injection. Maybe you go try the XXE vulnerability. You can explore and have something else working alongside you, working with you. That's the best part. Real quick, here's the wrap-up. Look, Burp AI slots seamlessly into your existing workflow and your existing ways of doing things. Some of your investigative work that you might already do manually, hey, Burp AI could automate that process and streamline it. I know in this example I showcased the gin and juice shop that is intentionally vulnerable but look that's for our learning and if you want to follow along you can just as well jin and juice.shop shop. Remember though, it is AI, so it's non-deterministic and the results might vary, but it's all with the same context and findings that Burpuite on its own already found for us. Bear in mind, you're using credits. That is something that's part of the process, but you can always disable the AI whenever you don't want to be using it. And if you want to put together your own whole AI extension, that's totally possible and maybe something we could do in a future video. That would be a lot of fun. But hey, I hope you kick the tires. I hope you play with it because that's really all this is. It's learning. it's playing and it's something that it's going to improve and get better and try to add that new capability with Collaborator or any of the sweet stuff that Port Swigger starts cooking up. With that, thank you so much to Port Swigger for sponsoring this video. Please, of course, there's a link in the video description. Show them some love if you'd be willing and thanks so much for watching this video. Please do all those YouTube algorithm things. Like, comment, subscribe, and I'll see you in the next
Original Description
https://jh.live/burpai || Hunt for bugs and perform web app pentests with Burp AI -- an AI assistant not meant to replace human effort, but augment your workflow 😎 https://jh.live/burpai
Burp AI documentation: https://portswigger.net/burp/documentation/desktop/burp-ai
BurpSuite MCP server: https://portswigger.net/bappstore/9952290f04ed4f628e624d0aa9dccebc
Learn Cybersecurity and more with Just Hacking Training: https://jh.live/training
See what else I'm up to with: https://jh.live/newsletter
🏆Attend ContinuumCon, the practical online cybersecurity conference that never ends! Livestream begins June 20th, 2025: https://jh.live/continuumcon
ℹ️ Affiliates:
Learn how to code with CodeCrafters: https://jh.live/codecrafters
Host your own VPN with OpenVPN: https://jh.live/openvpn
Get Blue Team Training and SOC Analyst Certifications with CyberDefenders: https://jh.live/cyberdefense
Master Binary Files and Protocols with Gynvael Coldwind: https://jh.live/hackarcana (code MBF-JH-10 gives 10% off!)
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from John Hammond · John Hammond · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Code Commentaries? PHP to JavaScript in Bash and PHP!
John Hammond
Tutorials? MySQL connection with PHP and Bash!
John Hammond
Variable Naming in Python! Happy Birthday, Linux! Nokia N900!
John Hammond
JavaScript Splits The URL!
John Hammond
HTML Tables in Python!
John Hammond
HTML, Net Shares, GML!
John Hammond
Python 08 Programming Style and Comments
John Hammond
Python 26 Object Oriented Programming
John Hammond
75 Python Tutorials, Out Now!
John Hammond
Batch 14 Mathematical Expressions
John Hammond
Batch 85 Array Append
John Hammond
Batch 86 Array Count
John Hammond
Batch 87 Array Index
John Hammond
Batch 88 Array Insert
John Hammond
Batch 89 Array Remove
John Hammond
Batch 90 Array Reverse
John Hammond
Python [colorama] 00 Installing on Linux
John Hammond
Python [colorama] 09 Cursor Position
John Hammond
Python [hashlib] 02 Algorithms
John Hammond
Python 00 Installing IDLE on Linux
John Hammond
Python [pygame] 11 Rectangular Collision Detection
John Hammond
Python [pygame] 12 Platforming Rectangular Collision Resolution
John Hammond
Python [XML-RPC] 01 Research
John Hammond
Python [pyenchant] 03 Personal Word Lists
John Hammond
FancyURLopener Authentication and User-Agent [urllib] 03
John Hammond
Python 04: PEP8 Coding
John Hammond
Python Challenge! 17 COOKIES
John Hammond
Google CTF 2016: Ernst Echidna
John Hammond
Google CTF 2016: Spotted Quoll
John Hammond
Google CTF 2016: Can you Repo It?
John Hammond
Google CTF 2016: No Big Deal
John Hammond
Google CTF 2016: In Recorded Conversation
John Hammond
Homemade CTF Challenge: 01 "Orchestra"
John Hammond
Homemade CTF Challenge: 02 "Bae's Base"
John Hammond
Homemade CTF Challenge: 03 "Web Hunt"
John Hammond
Homemade CTF Challenge: 04 "UPX"
John Hammond
Homemade CTF Challenge: 05 "The Assumption Song"
John Hammond
Homemade CTF Challenge: 06 "A Brisk Stroll"
John Hammond
Homemade CTF Challenge: 06 "I lost my password!"
John Hammond
web25 :: Mr. Robot : EKOPARTY CTF 2016
John Hammond
web50 : RFC 7230 :: EKOPARTY CTF 2016
John Hammond
misc50 : Hidden inside EKO :: EKOPARTY CTF 2016
John Hammond
Hack The Vote 2016 CTF: Sander's Fan Club [web100]
John Hammond
Hack The Vote 2016 CTF Warpspeed [forensics150]
John Hammond
Juniors CTF 2016 :: Black Suprematic Square
John Hammond
Juniors CTF 2016 :: Six Strange Tales
John Hammond
Juniors CTF 2016 :: Lost Code
John Hammond
Juniors CTF 2016 :: Here Goes!
John Hammond
Juniors CTF 2016 :: Southern Cross
John Hammond
Juniors CTF 2016 :: Clone Attack
John Hammond
Juniors CTF 2016 :: Dirty Repo
John Hammond
Juniors CTF 2016 :: Hackers Blog
John Hammond
Juniors CTF 2016 :: Voting!!!
John Hammond
Juniors CTF 2016 :: The Good, The Bad and The Junkman
John Hammond
Juniors CTF 2016 :: Stop Thief!
John Hammond
Juniors CTF 2016 :: ROFL
John Hammond
Juniors CTF 2016 :: Restriced Area
John Hammond
Juniors CTF 2016 :: Oh SSH!
John Hammond
HackCon CTF 2017 TRIVIA and BONUS Challenges
John Hammond
HackCon CTF 2017 "Bacche" Challenges
John Hammond
More on: AI Security
View skill →Related Reads
📰
📰
📰
📰
HTML Injection Nedir? BWAPP ve Burp Suite ile Pratik Örnek
Medium · Cybersecurity
I set up whonix by hand once and gave the workstation a direct line to the internet without…
Medium · Cybersecurity
CRTA Review: Is It Worth It in 2026?
Medium · Cybersecurity
What Is Web Security? Common Web Attacks and Protection Methods Explained (2026 Guide)
Medium · Programming
🎓
Tutor Explanation
DeepCamp AI