Jonathan Cooper – Medium

Jonathan Cooper

Published in
Geek Culture

Fuzzing File Uploads With Burp Intruder

Apps and websites often need to allow users to upload files for various reasons. Sometimes users need to upload arbitrary files, such as on…

Jul 21, 2021

Fuzzing File Uploads With Burp Intruder

Jul 21, 2021

Hacking HTTP with HTTPfuzz

So you’ve been given a web app to pentest. Maybe it’s a banking app or a document workflow system. Either way, you need to make sure it’s…

Dec 19, 2020

Hacking HTTP with HTTPfuzz

Dec 19, 2020

Judas: back from the dead

If you’ve been reading this blog since the start, you’ll remember Judas, the pluggable open-source phishing proxy. I wrote Judas to prove…

Oct 5, 2020

Judas: back from the dead

Oct 5, 2020

Printing Money With TD Ameritrade’s API

Learn how to build trading bots with TD Ameritrade’s API

Aug 13, 2020

Printing Money With TD Ameritrade’s API

Aug 13, 2020

Exploring Android apps for fun and profit

Smartphones have become an extension of our bodies. We use mobile apps for everything from sending money to shooting movies, but for the…

Aug 7, 2020

Exploring Android apps for fun and profit

Aug 7, 2020

Easy private networks with WireguardHTTPS

I’ve been experimenting with Wireguard as a VPN to protect my internet traffic from local snoopers and communicate between all my devices…

Jul 23, 2020

Easy private networks with WireguardHTTPS

Jul 23, 2020

Cloak and Dagger — Malware Techniques Demystified

The cloak and dagger attack exploits a combination of drawing over other apps and the large amount of access to other apps given to…

Apr 10, 2019

Cloak and Dagger — Malware Techniques Demystified

Apr 10, 2019

Disabling OkHttp’s SSL Pinning on Android Apps

Your target has an Android application and you want to walk through their API to check for server-side vulnerabilities. You configure the…

Aug 13, 2018

Aug 13, 2018

Automated API testing with Postman

Postman is an excellent API testing tool for developers, QA testers and penetration testers. Its UI allows you to easily send HTTP requests…

Jul 19, 2018

Automated API testing with Postman

Jul 19, 2018

Go phishing: Extending the proxy

In the last post, Judas got SOCKS proxy and SSL support to make the proxy sneakier, but all the proxy can do is dump the requests and…

Mar 12, 2018

Mar 12, 2018

Jonathan Cooper

Jonathan Cooper

I’m a cybersecurity consultant who develops software. I help agile teams deliver secure digital experiences to their customers.

Following

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams