About Us
Contact
- Contact Us
- Email Sign-Up
Services
Projects/Tools
- All Tools
- RITA
- Books
- REKCAH
Learn
Community
Training

David Fletcher

Author, David Fletcher, External/Internal, Red Team cool stuff, shell script, SSL, testssl.sh, TLS, tools

TestSSL.sh –Assessing SSL/TLS Configurations at Scale

David Fletcher // Have you ever looked at Nessus scan results to find the below in the output? Recently I was on engagement and encountered just this situation. I found […]

Read the entire post here

David Fletcher, Red Team, Web App Cross-Site Request Forgery, CSRF, CSRF-Token, Recursive Grep, Testing Protected Pages, XSRF

Using Recursive Grep to Test Per-Request CSRF-Token Protected Pages

David Fletcher // Cross-Site Request Forgery (CSRF or XSRF) is an attack which is used to execute a transaction on behalf of a victim user against a vulnerable web application. […]

Read the entire post here

Author, David Fletcher, Red Team, Red Team Tools, Web App Automated Testing, Burp Macros

Using Simple Burp Macros to Automate Testing

David Fletcher // Recently, while assessing a web application I noticed content on one of the pages that appeared to be derived from sensitive information stored within the site’s user […]

Read the entire post here