Is it possible to run an active scan against a website with Burpsuite, ZAP, or another tool that excludes form submission for a single form? [closed]

I am trying to run an unauthenticated active scan of a website as part of a penetration test, and there is one form on the website on a contact page that looks like it will send emails to a singular contact. We don’t want to flood this per… Continue reading Is it possible to run an active scan against a website with Burpsuite, ZAP, or another tool that excludes form submission for a single form? [closed]

Redirect all outgoing http and https requests to Burp using nftables

I’m working on a very limited client (based on Poky from the Yocto Project), on which I want to redirect all http/https requests to my other machine on the same network. I have nftables available on the target and verified this, by success… Continue reading Redirect all outgoing http and https requests to Burp using nftables

cant set cookie from request to another domain, chrome third party cookies phaseout

I am doing the PortSwigger CSRF lab, where the token is tied to a non-session cookie, the solution to this is that we set a cookie to the users’ browser through the search field which sets the search query to set cookie
and then do a POST … Continue reading cant set cookie from request to another domain, chrome third party cookies phaseout