Hosting a private Burp Collaborator on custom domain can be very handy. However it currently has some limitations, one of them being the hard-coded index page.
It would be useful to be able to customize the web page. For example, the default page could instruct viewers how to contact the collaborator owner. Another example would be serving any additional payload files from the same domain.
There are hackish ways to achieve it, but not all are working as intended so let’s take a look how not to do it and how to actually do it.

The Burp Suite Collaborator is a valuable tool for penetration testers and bug bounty hunters. It basically gives you unique subdomains and logs all interactions (DNS, HTTP(S), SMTP) towards the subdomain. This can be used for example to detect SSRF-vulnerabilities and exfiltrate data.

Burp Suite Professional provides a collaborator service under the domain burpcollaborator.net and using it is usually fine. However on the rare occasions it can be blacklisted / blocked or otherwise unreachable from the target. Luckily, the Burp collaborator can also be self-hosted and set to use a whole custom domain.

What is a Hackday? Hackday (not to be confused with ‘hackathon’ events) is a live event where a group or groups of hackers do security testing to some target (i.e. hack the target). Usually the target is a web application or for example some IoT device. The event may last from one day to a […]

Tämän avoimen kirjeen on tarkoitus tavoittaa yliopistojen, ammattikorkeakoulujen, lukioiden ja ammattikoulujen tietoturvasta päättävät henkilöt. Team ROT tarjoaa yhdelle Suomalaiselle koululle ilmaisen teknisen tietoturvatestauksen. Olemme Team ROT, meitä on kuusi henkilöä ja tietoturva on intohimomme. Teemme teknisiä tietoturvatestauksia järjestelmiin ja laitteistoihin, sekä vapaa-ajallamme, että päivätyöksemme. Olemme osallistuneet lukuisiin haavoittuvuuspalkinto-ohjelmiin (engl. “Bug Bounty program”) maailmanlaajuisesti ja tiimimme […]

This is a writeup for the Disobey 2018 hacker ticket puzzle. There were 50 “hacker” tickets available and the puzzle was open for about a month. It was a bit tougher this time than it was in previous years. Spoiler alert WARNING: This obviously CONTAINS SPOILERS. Do not read further if you want to solve […]